
Testing new ssh keys

You created a new ssh key, but are you actually testing it?


I routinely have to create new ssh keys for system users and also verify that they are working correctly. One possible area of confusion is how ssh keys are found by the ssh client.

While most of this information is not specific to OS X, I typically use a MacBook running OS X, so I'll cover a couple of things that are specific to it.

SSH clients will typically default to searching for a private key in the user's home directory, in a subdirectory named ".ssh".

So let's assume that you create an ssh key for a new user, using ssh-keygen:


ssh-keygen -t ed25519 -N some-new-passphrase -f id_newuser -C "new user"
 


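If you omit the -N parameter above, you will be prompted for a passphrase. Prompting also keeps the passphrase out of your shell history and the process list, where a value passed with -N would be visible. In either case, you should use passphrases in almost all situations to protect your system from lost or stolen private keys!!!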

So if all goes well, you will now have a new public/private ssh key pair.

On the remote system, you will typically add the public key (id_newuser.pub in this example) to the .ssh/authorized_keys file.

While not the point of this article, you will also need to understand the permission requirements of the user's home .ssh directory and files. Make sure the directory and files are private to the user, or ssh connections will fail.
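
One way to check the permission requirement described above before testing a connection, as an added example that is not part of the original article: a POSIX shell audit that reports anything in a .ssh directory that group or other users can access. The function names are hypothetical, and the check follows the "private to the user" rule stated here, which is stricter than what sshd itself enforces.

```shell
# Added example: report .ssh entries that are not private to their owner.
# Nothing is modified; the suggested chmod is only printed.
# Usage: audit_ssh_dir "$HOME/.ssh"

# Return 0 when the path has no group/other permission bits set.
is_private() {
    # ls -ld prints a mode string such as "drwx------";
    # characters 5-10 are the group and other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one line per problem; return 0 if the directory is clean, 1 if not.
audit_ssh_dir() {
    dir=$1
    problems=0
    if [ ! -d "$dir" ]; then
        echo "missing: $dir"
        return 1
    fi
    if ! is_private "$dir"; then
        echo "too open: $dir (fix: chmod 700)"
        problems=$((problems + 1))
    fi
    # authorized_keys on the server side, id_* private keys on the client side
    for f in "$dir"/authorized_keys "$dir"/id_*; do
        [ -e "$f" ] || continue                # unmatched glob or absent file
        case "$f" in *.pub) continue ;; esac   # public keys may be readable
        if ! is_private "$f"; then
            echo "too open: $f (fix: chmod 600)"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}
```
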

Time to test


More git prompt - Does it work on a Mac?

So a few years ago I wrote this article about setting a custom shell prompt that is "Git aware" and shows you your current branch.

The question came up as to whether or not this works on a Mac under OS X.

I have always advocated avoiding things like WAMP or MAMP because I don't like a bunch of services running on my workstation. I prefer using virtualization to run a *nix distro matching whatever target deployment server I'm going to run under. VMware, VirtualBox etc., along with the popularity of Vagrant and Docker, have tremendous advantages over something like MAMP in my experience. You start the environment when you need it, and stop it when you don't, and there's no problem having 5 different VMs with different stacks and PHP versions.

For this reason, I have never been all that concerned with setting up a Git-aware shell prompt on my MacBook. But as it's a *nix-like operating system, it has the basics you need to make the shell prompt code work, albeit with two required tweaks.

First you have to edit the /etc/profile script so that it will look for and read scripts in an /etc/profile.d directory. Open /etc/profile with sudo and vi, nano or whatever editor you prefer, and add this at the bottom:


for sh in /etc/profile.d/*.sh ; do
        [ -r "$sh" ] && . "$sh"
done
unset sh
 


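This is simple Bourne shell code to read in scripts in the /etc/profile.d directory when you log in to a shell. It is a system-wide script, so when you change this, you change it for all users on the system. Because every login shell will source whatever is in that directory, keep /etc/profile.d and the scripts in it writable only by root.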

Now you just have to create the /etc/profile.d directory.


sudo mkdir /etc/profile.d
 


Once this is done, you can use the same simple method described in the original article.


