Using Private Keys with SSH login Without Password on Mac OS X

Here’s an excellent write-up for setting up SSH access using private keys to connect to other Linux/Unix servers without having to enter a password.

http://smbjorklund.no/ssh-login-without-password-using-os-x

Copied here for reference.

Tired of typing passwords to SSH servers you often access? Well get used to it! Passwords provide a high level of security, but but it have a tendency be tedious, and also prevent you from running local scripts that automatic logon to your server to perform tasks or you you simply will backup/copy files from your server to your local Mac. The good news is that’s a simple solution to all this.

SSH and keys, WTF


To enable automatic login to a SSH server, the server must have a copy of your public key. The key is signed by what we call a passphrase, meaning that, when you now access a server that got a copy of your public key it prompt your for your password (passphrase) instead of the system user account password. So we really did not fix the problem, we just shifted the problem, but we shifted it in the right direction, and now we can do something about it.
ssh public key
Passphrase exchange

Empty passphrase

The most daring users, simply create a public key with a empty passphrase. This introduce a security problem. If you somehow gained access to a copy of your privat key, they will gain access to all the servers that trust your key.

Use a agent to propagate the passphrase

Keychain Access
A more secure way of solving this is using a program (ssh-agent) to propagate the passphrase. This solution is quite good, but like everything else it comes with a few drawbacks. You need to have your shell environment set up correctly, and only application with the correct environment setting is able to benefit from it. In OS X you are able avoid this problem simply by using the system utility “Keychain Access”. It will store and propagate your passphrase, and in Leopard (10.5) Apple finally introduced native support for using Keychain Access also in terminal.

Setting it all up

OS X has native support for creating and storing pass phrases (Keychain access) so setting this up on your Mac is not that hard. Linux users that are reading this can also follow along then the only difference is what application you use to store the passphrase. Like an example will Gnome users normally use the Gnome Keyring application.

  1. Create your set of keys:
    Start up the Terminal application and run:
    ssh-keygen -t rsassh-keygen will the ask where to store the public key it is about to create. Normally the default suggestion works just fine (~/.ssh/id_rsa.pub). ssh-keygen then ask you to enter a pass phrase. Please use something secure here and please also remember it.
  2. Copy the public key to your SSH server
    Copy the newly created public key to the SSH server(s) you need to auto login into by using your favourite transport method. Please be careful not to overwrite ~/.ssh/authorized_keys if it already exist! This is how I personally copy the key, might not be your preferred method:

    • If authorized_keys exist: 
      cat ~/.ssh/id_rsa.pub | ssh username@example.com "cat - >> ~/.ssh/authorized_keys"
    • If authorized_keys does not exist: 
      scp ~/.ssh/id_rsa.pub username@example.com:~/.ssh/authorized_keys
  3. Optional step: You might consider restricting file access to the file authorized_keys on the SSH server. chmod 0600 ~/.ssh/authorized_keys to even further improve your system security.

Keychain store passphrase
Now you should be all set. The very first time you access the server by ssh, Keychain will prompt you for your keyphrase and then store it and you will never have to type it again.

Latest List of Apps for the Mac

An awesome (updated) list of apps for the Mac, many that I use myself. Have a favorite app that’s not on the list? Leave it in our comments section!

What Would Dan Do?

Updated 12/3/2012

I’ve found these lists useful when others have posted them, many times I discover an app I didn’t know about.

Here is a list of apps that are installed on my Macbook Air, I’m not including what came with it.

  • Alfred
  • Aperture
  • AppCleaner
  • AppFresh
  • BetterSnapTool
  • Caffeine
  • Calibre
  • Citrix Kits To Go
  • Citrix Receiver
  • CoRD
  • Evernote
  • Google Chrome
  • GotoMeeting
  • Growl
  • HandBrake
  • iWork ’09
  • LastPass
  • Microsoft Office 2011
  • Microsoft Remote Desktop Client
  • MPlayerX
  • Nik Software (Color efex Pro & Dfine
  • OmniGraffle Professional
  • Pocket
  • Reeder
  • Reminders
  • SkyDrive
  • Skype
  • Sonos Desktop Controller
  • Spotify
  • The Unarchiver
  • Twitter
  • uTorrent
  • VMware View Client
  • XtraFinder
In addition to the above apps I also have these apps on my Macbook Pro that I use primarily at home:
  • Air Video Server
  • atMonitor
  • Burn
  • CrashPlan
  • Firefox
  • gfxCardStatus
  • Opera
  • VMware Fusion
  • VLC

View original post

How-To: Remove a deleted folder from Finder Sidebar on a Mac

I had a very stubborn folder that I had on my Finder sidebar, under “Favorites”, because the actual folder on the my Mac was deleted. Because the folder was deleted, I could not remove the “Favorite” by the normal right-click and “Remove from Sidebar” option. It was driving me crazy but a search lead me to an actual simple resolution: just hold down the “Command” key while dragging the folder off the sidebar. This worked perfectly!

https://discussions.apple.com/thread/3048198

 

Scanning and Getting Things from Your iTunes iPhone Backup (Mac)

I was having some performance issues with my iPhone and I wanted to clear it out and did a “factory restore” from within iTunes and then just sync back my apps from iTunes. Well, that all went ok. I use Microsoft Exchange at work and I have my iPhone synced with my Exchange account, so it handles Contacts, Mail and Calendar. So I wasn’t worried about that data as I can always sync that information. (BTW, if you don’t have an Exchange account, use GMail’s free ability to do the same thing, which actually uses Exchange technology: http://www.google.com/mobile/products/sync.html#p=default).

But the thing that I forgot to make copies of or send them to myself in an email were my Notes on my iPhone. iTunes makes a backup of notes and the like, but I didn’t  do a “restore” from within iTunes, I did a complete reset. I also didn’t want to do a restore in case whatever was slowing down my iPhone might return from the restore. So the question came up – How do I get my notes back from my iTunes backup without doing a restore?

Answer = MobileSyncBrowser! It’s a program I found that does exactly what I wanted and is totally awesome. It can also do pictures, media, call logs, contacts, calendar, SMS messages, etc! Info about it can be found here:
http://www.versiontracker.com/dyn/moreinfo/macosx/33166

The maker’s website and download link is at: http://homepage.mac.com/vaughn/msync/beta/

It worked perfectly for me. I was able to open my notes and just re-enter them (as they were short) on my iPhone. Enjoy!

Here’s a screenshot taken during my session:
mobilesyncbrowser

Making an ISO (Image) File from a CD/DVD on a Mac for Free

There are several ways to make an ISO (or an image) file from a CD/DVD but here is a FREE and pretty simple way to do so on your Mac. Yes it means using the command line “Terminal” on your Mac, sometimes a little “unknown” for some people, but I assure you it is quite simple.

And for you that are familiar with VMware ESX/vSphere, the utility is actually the same as what you can use on that product. In case you need, here’s a simple How-To link to create an ISO on VMware on my work blog here:
http://lewanps.wordpress.com/2009/07/11/how-to-make-isos-from-the-esxvsphere-service-console/

How-To: Making an ISO on a Mac

1) First, open up Terminal which is found under Applications, Utilities.

2) Next we’ll need to get the drive number for your CD/DVD drive. You can do this by using the following command:
drutil status

The will product output like the following. Make a note of the Disk# that it shows. This is the disk # for your CD/DVD device:

Vendor   Product           Rev

MATSHITA DVD-R   UJ-857E   ZA0E


Type: DVD-ROM Name: /dev/disk2 <– Look for the disk # here

Sessions: 1                  Tracks: 1

Overwritable:   00:00:00         blocks:        0 /   0.00MB /   0.00MiB

Space Free:   00:00:00         blocks:        0 /   0.00MB /   0.00MiB

Space Used:  846:35:55         blocks:  3809680 /   7.80GB /   7.27GiB

Writability:

Book Type: DVD-ROM (v1)

3) Now you will need to umount the disk with the following command:
diskutil unmountDisk disk2 (replace the disk# with yours)

4) Now you can write the ISO file with the dd utility, which is a built-in utility for copying disks:
dd if=/dev/disk2 of=name-of-file.iso
(replace disk# with yours and change the name of the “of=” file, which is the “Output File” name)

5) When finished you can remount the disk so you can use it with this command:
diskutil mountDisk disk2

Or you can eject the disk with this command (no remount necessary):
diskutil eject disk2

Ve

ndor   Product           Rev

MATSHITA DVD-R   UJ-857E   ZA0E
Type: DVD-ROM              Name: /dev/disk2
Sessions: 1                  Tracks: 1
Overwritable:   00:00:00         blocks:        0 /   0.00MB /   0.00MiB
Space Free:   00:00:00         blocks:        0 /   0.00MB /   0.00MiB
Space Used:  846:35:55         blocks:  3809680 /   7.80GB /   7.27GiB
Writability:
Book Type: DVD-ROM (v1)