Differences

This shows you the differences between two versions of the page.

--- services:2fa:ssh:macos [2021/03/22 11:36] – deul
+++ services:2fa:ssh:macos [2021/03/29 07:45] (current) – deul
@@ Line 1: / Line 1: @@
 ======Setup key based login from MacOS======
-The procedure is very similar to the Linux procedure. So we first need to build a public/private keypair using the ssh-keygen utility (note here the default rsa key is generated, but it is more secure to generate an ecdsa key like ''%%ssh-keygen -t ecdsa%%'':
+The procedure is very similar to the Linux procedure. So we first need to build a public/private keypair using the ssh-keygen utility:
-{{ :services:2fa:ssh:macterm3.png?400 |}}
+{{ :services:2fa:ssh:macos1.png?600 |}}
 For both question about passphrase, just hit enter (we will not be using passphrases). This will also have generated two files in your personal .ssh directory:
-{{ :services:2fa:ssh:macterm4.png?600 |}}
+{{ :services:2fa:ssh:macos2.png?600 |}}
-The file id_rsa.pub must be transferred to the remote host. For this we can use ssh-copy-id (again the image shows the rsa keypair, but you better use a ecdsa key pair):
+The file id_ecdsa.pub must be transferred to the remote host. For this we can use ssh-copy-id:
   $ ssh-copy-id -i ~/.ssh/id_ecdsa.pub username@remote-host
@@ Line 22: / Line 22: @@
   /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
   username@remote-host's password:
+  One-time password (OATH) for `username`:
-Type your password to actually start the file copy.
+Type your password (and the 2FA passcode) to actually start the file copy.
   Number of key(s) added: 1
@@ Line 30: / Line 31: @@
   and check to make sure that only the key(s) you wanted were added.
-The passwordless ssh login is now in place.
+The passwordless/2fa codeless ssh login is now in place.

Computer Documentation Wiki

User Tools

Site Tools

Differences

Page Tools