Connect macOS to Linux via SSH

I am going to show you a few twists and turns for using SSH to log into a Linux server from macOS. I am going to use my Pair Networks shared host as an example. I like having shell access to my web host, which is one of the great features that Pair offers. In addition to SSH, you can also use SFTP to transfer files. Once you have set up SSH, SFTP should work automatically if you so desire to use it. By setup, I mean being able to log in to the server without having to enter a password every time.

If you search the net, you will find a lot of articles about using SSH (Secure Shell Protocol). I am going to try to focus on some nuances when using it between macOS and Linux. Also, my focus includes using the command line via the macOS Terminal App. If this sounds interesting to you, please read on.

How to create an ed25519 SSH Key

For “password less” authentication, we need a pair of keys, one private for macOS and one public for Linux. Many net tutorials will focus on using an RSA pair (which will always work). I like using the newer ed25519 keys. You can search the net, but the ed25519 keys are smaller and more secure. The first step is to create our ed25519 key pair:

I like creating a unique file for saving the key. In other words, create a unique key pair for each server that you log into. You will want to create a strong passphrase for an extra level of protection. It can be anything; I like using a password generator to create a long passphrase. The -C option is just a comment. It could be anything, but it is typically an email address.

Now, you don’t want to have to enter that passphrase every time you log into your server, so we will add it to the macOS keychain:

Create a Password-less Login and Server Alias

To ensure that we never have to enter a password again, we will create a macOS SSH config file (~/.ssh/config):

Lines 1 – 5 are global options for any host, and lines 7 – 10 are for our specific SSH connection that we just created. You can read all about these SSH config options by doing man ssh_config. You can add additional host entries as needed. In addition to specifying our host name on line 7, we also created a short name, alias, for our host. You can list one or more names/aliases on this line. Name them what ever you want to call them. The next line, HostName, specifies the routable name for your host.

Because I did not use the default identity file (id_ed25519), I set the IdentifyFile option.

My Pair Networks host just supports IPv4 SSH access, so I specify that with the AddressFamily inet option.

Install the ed25519 public key on the Linux Server

Now, we are ready to install the public key on our Linux server. Just run this command to install the public key on your Linux server:

As the command output suggested, verify that you can login to your server. You can verify that your public key was added to: ~/.ssh/authorized_keys. The ssh-copy-id command with create the directory/file if it didn’t already exist. If you already have an authorized_keys file, it will just add the key to it. BTW, the ssh-copy-id command didn’t exist on older versions of macOS. I am using macOS Big Sur. It’s been around now for the last several macOS versions.

At this point, you should be able to login to the server without using a password:

Summary

You should be able to log into your Linux server using a short alias name and no password. Now you can use other SSH related commands such as scp or rsync to easily copy files using the server alias, for example:

Please let me know if something is not clear.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.