How do I configure SSH on OS X?

Question

I'm trying to SSH from one Mac running OS X 10.6 to another. Seems to work fine via a password, but I can't get it to use a RSA key instead. Where is the ssh configuration file on OS X and what is the command to reload SSH?

Update

What I'm asking is how to configured advanced options. For example, on Ubuntu there is a ssh config file at /etc/ssh/sshd_config and if you do something like change the port or disable password authentication for a particular user (PasswordAuthentication no) you need to run /etc/init.d/ssh reload to reload the config. I didn't see that file on MacOs, so was just wondering where it was.

I am aware of the ~/.ssh, ~/.ssh/authorized_keys, and ~/.ssh/config config files

score 47 · Accepted Answer · edited Sep 29 '16 at 13:08

47

The SSHD configuration is stored in

/private/etc/ssh/sshd_config

To stop and start SSHD:

sudo launchctl stop com.openssh.sshd
sudo launchctl start com.openssh.sshd

edited Sep 29 '16 at 13:08

Community

1

answered Dec 04 '11 at 00:55

mark

651

score 6 · Answer 2 · answered Dec 02 '21 at 13:55

I found out that in macOS Monterey (12.0), if you just disable PasswordAuthentication, it will still ask for a password (in the keyboard-interactive mode). To fully disable it, you have to set two options in /etc/ssh/sshd_config:

PasswordAuthentication no
ChallengeResponseAuthentication no

And then restart SSH server with these commands:

sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist
sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist

Or going to System Preferences -> Sharing and unchecking + checking "Remote Login".

wnrph · Answer 3 · 2011-12-03T22:53:51.660

3

You can restart SSH somewhere in the sharing dialogs, but you don't have to. According to the man page on apple.com keys go to the ~/.ssh/authorized_keys file.

edited Dec 03 '11 at 22:53

answered Dec 03 '11 at 20:23

wnrph

3,715
1
28
39

score 3 · Answer 4 · answered Oct 29 '15 at 23:12

3

In OS X El Capitan 10.11, sshd_config is in /private/etc/ssh/sshd_config (same as /etc/ssh/sshd_config)

answered Oct 29 '15 at 23:12

Peter Tseng

311

score 0 · Answer 5 · answered Jan 07 '17 at 08:07

Note that in newer OS X releases it is not enough to enable "Remote login" in System Preferences > Sharing to allow SSH connections to your Mac if the firewall is running.

Go to System Preferences > Security & Privacy > Firewall > Firewall Options. You will see that "Remote login" is listed on the top and incoming connections are allowed. Contrary to expectations this is not sufficient. You have to add another program called /usr/libexec/sshd-keygen-wrapper as well (locate its directory with [Shift-Cmd-G]), using the [+] button and then set "Allow incoming connections" for it. Now you'll be able to SSH into your machine.

How do I configure SSH on OS X?

5 Answers5