Generating your SSH Key on Mac OS X

How to Create an SSH Key on Mac:

Your Macbook actually has an OpenSSH client built right in, and it only takes one command to set it up!

Here's how to generate an SSH key on any version of Mac*: (Mac replaces the tilde character, ~, with your entire home directory path.)

mkdir -p ~/.ssh/
ssh-keygen -t ed25519 

You can just press enter for each prompt.

This will generate your SSH private key in the file ~/.ssh/id_ed25519 and your public key in the file ~/.ssh/id_ed25519.pub. (Note the .pub).

You can then upload your public key to Userify or Github by copying and pasting the contents of ~/.ssh/id_ed25519.pub in your home directory to Userify. Just cat the file and copy it from your terminal and paste it into Userify:

cat ~/.ssh/id_ed25519.pub

That's it! You now know how to generate an SSH key! Your private key is stored in id_ed25519.

Important: your public key is the same name with the .pub on the end (id_ed25519). You should never copy your private key or store it anywhere else, but your public key is, you know, public; you can put it anywhere. Just generate a new private key on any new devices that you use and then just paste your public key into your servers' authorized_keys files (or Userify, which manages your team's authorized_keys and sudo permissions for you).

Now that you've put your public key onto a remote server (via Userify above or similar), you can instantly log in without typing a password, just by typing in:

ssh YourUserifyUsername@ServerIP

If your Userify username is different from your Mac username, you can either ssh username@IP each time or just add the following to .ssh/config, and then just ssh IP and drop your username from the command.

In your home directory's .ssh/ directory, create a file named config:

Host *
    User YourUserifyUsername

Compatibility: This has been tested on versions of Mac OSX dating back at least to Catalina (2017), but if you need to generate a key on an older Mac, follow the tip below for RSA keys.

This method produces more secure and modern (and shorter!) curve 25519 (ED25519) keys, but if you prefer the older RSA keys, or you have to talk to an older system that doesn't support ED25519, just remove the -t ed25519 from the ssh-keygen command in the first step above.

© 2022 SSHKey.com