Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.9: Updating SSH private keys System 10.9
Here is a method for updating SSH private keys to work with OS X 10.9 Mavericks, using Terminal commands.
cd /Users/nameofuser/.ssh
cp id_rsa{,.bak}
chmod +w id_rsa
openssl rsa -in id_rsa -out id_rsa         # decrypt in place
openssl rsa -in id_rsa -aes256 -out id_rsa # encrypt in place
ssh-keygen -y -f id_rsa >       # regen public key
chmod 400 id_rsa
The source of this hint.

[crarko adds: I haven't tested this one. At least not yet. The solution seems to come from a question asked on StackExchange.]
  • Currently 2.67 / 5
  You rated: 1 / 5 (6 votes cast)

Hint Options

10.9: Updating SSH private keys | 3 comments | Create New Account
Click here to return to the '10.9: Updating SSH private keys' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.9: Updating SSH private keys
Authored by: Strod on Feb 18, '14 11:02:42AM
A little esoteric for the average Mac user who doesn't knowingly work with public/private keys, but very valuable for those who do. On the other hand, I found interesting the creative use of brackets in the second line:
cp id_rsa{,.bak}
That will certainly come in handy in the future.

[ Reply to This | # ]
10.9: Updating SSH private keys
Authored by: aMacUzur on Feb 18, '14 02:48:25PM

For those who don't know, that's brace expansion and the shell will expand it to become ("cp id_rsa" and nothing plus "cp id_rsa" plus ".bak"):
cp id_rsa id_rsa.bak
(see the "Brace Expansion" section in the bash man page)

While I wouldn't use it like that, since I prefer plain clarity over brevity (and that form is actually harder for me to type), brace expansion can be quite useful, especially when used with variables. E.G.,
eval echo foo{$a..$b}
foo1 foo2 foo3 foo4 foo5

[ Reply to This | # ]
10.9: Updating SSH private keys
Authored by: fracai on Feb 21, '14 05:32:55AM

If you follow the source links to the actual source on StackExchange, you'll find that this is only required to fix user error or if you've made some weird changes to your keys.

I haven't had to perform any of these commands and my keys are working just fine.

I can't even count how many times I've seen "I haven't tested this one." at the bottom of a "hint". You'd think that actually testing the hint would be required before posting it on this site.

Take this one for example. Testing would have involved verify the commands work, that they actually fix a problem, and posting about what is actually being fixed.

How much time is actually put aside for this job?

i am jack's amusing sig file

[ Reply to This | # ]