Jeremy Felt

How I Setup All My SSH Keys in OS X (GitHub, Bitbucket, Beanstalk, Linode / Ubuntu)

For my own future reference, and to help you!

Without getting into the specifics of public keys and public key based authentication, here’s a brief overview and easy step by step that might get you to where you need to be.

First, you want to generate the SSH key that you’ll be using. This and other SSH keys are specific to your identity in Mac OS and will be located in one path.

cd ~/.ssh
mkdir old-key-backup
mv id_rsa* old-key-backup
ssh-keygen -t rsa -b 2048 -C "general.identity.email@domain.com"

If you follow the default prompts that result from the ssh-keygen command by just hitting ‘Enter’ for each, you’ll end up with two files in your ~/.ssh directory – id_rsa and id_rsa.pub. These files contain a key that identifies you based on the provided email, your current login, and the machine you created it on.

You’ll notice that one of the first things you did is move any existing id_rsa* files to a backup directory. If you already had some relationships setup, what we did could have broken them. In that case, move everything back. You can also use the prompts in ssh-keygen to name the files to something other than id_rsa* – like github_rsa* or my_server_rsa*. This way you can have different SSH keys for each service.

Now that you have your key generated, you want to copy the contents and then match up the other end.

pbcopy < ~/.ssh/id_rsa.pub

The above copies the exact contents of your new key to the OSX clipboard. Now you can…

  • Go directly to your GitHub profile’s SSH key page, click Add SSH Key, enter a title for the key and paste the contents into the Key textarea.
  • Go to your Bitbucket account – http://bitbucket.org/account/user/{user_name}/ssh-keys – click Add Key, add a label and past the contents into the Key textarea.
  • Go to your Beanstalk account and you get the point…

Services like that are the easy ones, but it’s also fairly easy to get your VPS set up the same way. Open an SSH session to your server under the username that you want to access via public key authentication, then try something like this…

cd ~/.ssh
vi authorized_keys

The authorized_keys file contains all public keys that have access to the server under the current username. This allows you to setup keys on multiple computers or from multiple services. Paste the contents of your key into the authorized_keys files either as the only entry or as a new entry, then save the file. With that you’re good to go! The next time you ssh with username@ip.address, authentication should be handled automatically.

If you want to go further than just ease of logging in and pushing updates, you can restrict password based authentications on your server completely so that a key is required to make the connection. Also remember that if you entered a password during the ssk-keygen command, you’ll need to enter that every time you use the key as well.

Hope that helps. Let me know if I totally screwed up some instructions.

Responses and reactions

Replies

carldanley replied on 

Excellent article. One note about copying the SSH to the remote server: If the ~/.ssh folder isn't there, you'll need to create it:

mkdir ~/.ssh

cd ~/.ssh

touch authorized_keys

nano authorized_keys

Paste in the SSH key from your laptop and then you'll be good to go! Excellent read and followed the article - worked like a charm! Thanks for the sweet tips.

Leave a Reply

Your email address will not be published. Required fields are marked *

The only requirement for your mention to be recognized is a link to this post in your post's content. You can update or delete your post and then re-submit the URL in the form to update or remove your response from this page.

Learn more about Webmentions.