1mkdir ~/.ssh && chmod 700 ~/.ssh
2touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
3# copy key.pub to authorized_keys
4# nano /etc/ssh/sshd_config
5service ssh reload
1cd ~/.ssh && ssh-keygen -t ed25519
Ed25519 is a newer algorithm which is faster than RSA. Ed25519 is supported by OpenSSH so you should be good in almost all cases. Github recommends passing it your email with -C which is then uses as a label.
1cd ~/.ssh && ssh-keygen -t ed25519 -C "hello@example.com"
1ssh-add --apple-use-keychain ~/.ssh/id_ed25519
view the server’s sshd_config file
1cat /etc/ssh/sshd_config
Check the following:
1RSAAuthentication yes
2PubkeyAuthentication yes
3AuthorizedKeysFile ~/.ssh/authorized_keys
1sudo mkdir ~/.ssh && sudo touch ~/.sh/authorized_keys
1sudo chmod go-w ~/ && sudo chmod 700 ~/.ssh && sudo chmod 600 ~/.ssh/authorized_keys
On macOS you can use the ssh-copy-id command to copy the SSH key to remote server
1ssh-copy-id -i ~/.ssh/mykey user@host
If you get the following error
/usr/bin/ssh-copy-id: WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)
then force copy it with -f flag
1ssh-copy-id -f -i <key_path> <remote_server>
Remote server can either be in the user@host form or a name of a saved Host in .ssh/config
Alternatively, you can copy the key output manually over SSH, like this:
1cat ~/.ssh/id_ed25519.pub | ssh username@example.com "cat >> ~/.ssh/authorized_keys"
replace id_ed25519.pub with your generated key.
/home/.ssh/authorized_keys and ~/.ssh/authorized_keys are different if the user you are connecting to isn’t root. ~/.ssh/authorized_keys is preferred since it is relative to the user.