Due to the needs of the project, my side of Ubuntu often requires SSH access to another MacOS. Each time you enter a password a bit annoying, think of RSA public key and key authentication method. As is said in all tutorials, native execution [email protected]:~$ ssh-keygen-t RSA copies the public key to MacOS's/tmp and gives others read access: [email protected]:~$ SCP. ssh/id_rsa.pub [email protected]:/tmp [email protected] ' s password: id_rsa.pub 100% 390 0.4kb/s 00:00 so I landed on MacOS, and there was some preparation to do. There is no. ssh directory under the MacOS User directory. let alone. SSH under Authorized_keys file. dev-mini:~ devone$ mkdir. sshdev-mini:~ devone$ sudo chmod 740/tmp/id_rsa.pubdev-mini:~ devone$ sudo cat/tmp/id_rsa.pub >>/home/devone/.ssh/authorized_keysdev-mini:~ devone$ sudo chmod 740/home/devone/.ssh/authorized_ keysdev-mini:~ devone$ Exit For later SSH access I add a profile in this machine [email protected]:~$ CD. ssh/[email protected]:~/.ssh$ Vim Config Add the following host Dev-minihostname Dev-mini.localuser devoneidentityfile ~/.ssh/id_rsa after SSH access mac OS, I can directly [email protected]:~/.ssh$ ssh Dev-mini But let's enter the password. I think it should be a sshd_config configuration problem on Mac OS. Not Ssh_config Oh. Enter the password dev-mini:~ devone$ sudo vim/etc/sshd_config modified as follows:# $OpenBSD: sshd_config,v1.89 -/ Geneva/ .xx: -: theDtucker EXP $
# this isThe SSHD server system-wide configuration file. See
# Sshd_config (5) forMore information.
# This sshd is compiled with Path=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used forOptionsinchThedefaultSshd_config shipped with
# OpenSSH isTo specify options with theirdefaultValuewhere
# possible, but leave them commented. uncommented optionsOverrideThe
#defaultValue.
# See Sshd_config (5) forDetails on setting the Port and Listen values on Mac OS X
Port A
#AddressFamily any
#ListenAddress0.0.0.0
#ListenAddress::
# thedefaultRequiresExplicitActivation of Protocol1
Protocol2
# Hostkey forProtocol version1
#HostKey/etc/ssh/ssh_host_key
# Hostkeys forProtocol version2
Hostkey/etc/ssh_host_rsa_key
Hostkey/etc/ssh_host_dsa_key
Hostkey/etc/ssh_host_ecdsa_key
# Lifetime and size of ephemeral version1Server key
Keyregenerationinterval 1h
Serverkeybits1024x768
# Logging
# obsoletes Quietmode and Fascistlogging
Syslogfacility Authpriv
LogLevel INFO
# Authentication:
Logingracetime 2m
Permitrootlogin Yes
Strictmodes No
#MaxAuthTries6
#MaxSessionsTen
Rsaauthentication Yes
Pubkeyauthentication Yes
# thedefault isTo check both. Ssh/authorized_keys and. Ssh/authorized_keys2
# but This isOverridden so installations would only check. Ssh/authorized_keys
Authorizedkeysfile. Ssh/authorized_keys
#AuthorizedPrincipalsFile None
#AuthorizedKeysCommand None
#AuthorizedKeysCommandUser Nobody
# for ThisTo work you'll also need host keysinch/etc/ssh/ssh_known_hosts
Rhostsrsaauthentication No
# Similar forProtocol version2
Hostbasedauthentication No
# Change to YesifYou don'T Trust ~/.ssh/known_hosts for
# Rhostsrsaauthentication and Hostbasedauthentication
#IgnoreUserKnownHosts No
# Don'T read the user's ~/.rhosts and ~/.shosts files
Ignorerhosts Yes
# To disable tunneled clear text passwords both Passwordauthentication and
# challengeresponseauthentication must beSetTo"No".
Passwordauthentication Yes
Permitemptypasswords No
# Change to No to disable S/key passwords
Challengeresponseauthentication No
# Kerberos Options
#KerberosAuthentication No
#KerberosOrLocalPasswd Yes
#KerberosTicketCleanup Yes
# GSSAPI Options
#GSSAPIAuthentication No
#GSSAPICleanupCredentials Yes
#GSSAPIStrictAcceptorCheck Yes
#GSSAPIKeyExchange No
# Set ThisTo'Yes'To enable PAM authentication, account processing,
# and session processing. If This isEnabled, PAM authentication would
# be allowed through the challengeresponseauthentication and
# passwordauthentication. Depending on your PAM configuration,
# PAM authentication via Challengeresponseauthentication may bypass
# The setting of"Permitrootlogin Without-password".
# If You just want the PAM account and session checks to run without
# PAM authentication, then enable ThisButSetPasswordauthentication
# and Challengeresponseauthentication to'No'.
# Also, PAM would denyNULLPasswords bydefault. If you need to allow
#NULLpasswords, add the"Nullok"option to the end of the
# securityserver.so Lineinch/etc/pam.d/sshd.
Usepam Yes
#AllowAgentForwarding Yes
#AllowTcpForwarding Yes
#GatewayPorts No
x11forwarding Yes
#XauthLocation Xauth # Default isTo search $PATH (Setby Launchd (8)). It isRecommended. A full path is provided.
X11displayoffsetTen
#X11UseLocalhost Yes
PRINTMOTD No
Printlastlog Yes
Tcpkeepalive Yes
#UseLogin No
Useprivilegeseparation Yes # Default forNewinstallations.
#PermitUserEnvironment No
#Compression delayed
#ClientAliveInterval0
#ClientAliveCountMax3
#UseDNS Yes
#PidFile/var/run/sshd.pid
#MaxStartupsTen: -: -
#PermitTunnel No
#ChrootDirectory None
#VersionAddendum None
# Pass Locale Information
Acceptenv LANG lc_*
# nodefaultBanner Path
#Banner None
#Overridedefaultof no subsystems
Subsystem Sftp/usr/libexec/sftp-server
# Example of overriding settings on a per-user basis
#Match User Anoncvs
# x11forwarding No
# allowtcpforwarding No
# forcecommand CVS ServerPay particular attention to these paths hostkey/etc/ssh_host_rsa_keyhostkey/etc/ssh_host_dsa_keyhostkey/etc/ssh_host_ecdsa_key the middle is not/etc/ssh/ ssh_host_rsa_keydev-mini:~ devone$ exit[email protected]:~$ ssh dev-minidev-mini:~ devone$ finally got it done.
