OpenSSH requires that users be in the ssh-users
group to login.
A public key is recommended, but not required.
# A barebones sshd_config PermitRootLogin no PasswordAuthentication no UsePAM no PrintMotd no PrintLastLog no Subsystem sftp /usr/lib64/misc/sftp-server AllowGroups ssh-users
Don't hash known_hosts so that bash completion will work. Add to ~/.ssh/config
:
HashKnownHosts no
Decide which public key to use. Also see this.
IdentityFile ~/.ssh/id_rsa
SSHD must be enabled in System Preferences > Sharing
with service Remote Login
enabled. A firewall rule must allow access on port 22 as well, which can be setup in System Preferences > Security > Firewall > Advanced
with the following configuration:
The config file for OS X for SSHD is located at /etc/sshd_config
Add these lines to the config file:
PermitRootLogin no PasswordAuthentication no UsePAM no AllowUsers <user-name>
Then restart the SSH server manually from Terminal:
launchctl stop com.openssh.sshd launchctl start com.openssh.sshd
Use the local copy of OpenSSL:
./configure --with-ssl-dir=/usr/local
If looking for ssh-copy-id
, it will be in the contrib
directory.