Skip to main content

SSH Keys on Mac

📺 Video tutorial

If you're more of a visual learner, watch the video walkthrough of this tutorial.

How to create SSH keys on a Mac

1. Open terminal

Open Finder, then at the top status bar, navigate to Go → Utilities → Terminal. You can also find it by searching for “terminal” in the Search Spotlight.

Your terminal window will drop you into your home directory for the logged in user, and your command prompt will look something like this: name@mymac ~ %. This is where you will begin to type commands to tell the terminal what to do.

2. Generate SSH keys

Type the following command into your terminal (-b 4096 just means byte size).

ssh-keygen -b 4096

3. Select location for keys

You will then be prompted to select a location for the keys. By default, the keys are stored in the ~/.ssh directory with the filenames id_rsa for the private key and for the public key. If you'd prefer to change the location and/or filenames, skip ahead to Step 3a.

Leave this empty to create the key in the default location and press ENTER:

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/constellation/.ssh/id_rsa): ▉

3a. Custom filenames (optional)

Below, you can see that cn_node_id was entered as the name of the key pair. The naming convention is as follows: cn for Constellation Network, node for your node, and id for identification file used. You can choose any name to your liking, however, it's recommended that you use a descriptive name to help identify what the key pair is used for.

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/constellation/.ssh/id_rsa): /Users/constellation/.ssh/cn_node_id

4. Create passphrase

Enter a complex password here. This is the password required to use the private key.

Enter passphrase (empty for no passphrase): ▉

Following that final prompt, your system will generate the SSH key pair:

Your identification has been saved in cn_node_id
Your public key has been saved in
The key fingerprint is:
SHA256:pbMi8Rm73pgQWUxzVag6VDBqi/sI9sVjVdKtkBmuCVw name@mymac
The key's randomart image is:
+---[RSA 3072]----+
| E=o...o.        |
| . .+.+* o       |
| oo oB +..       |
| o.++ =o.        |
| . =+.oS.        |
| ..+++ o         |
|... o==..        |
|*         |
| ....= .         |

You now have a public and private key that you can use to authenticate.

File NameDescription
cn_node_idThis is the private key.
cn_node_id.pubThis is the public key.