19

I forgot the password to my ssh. I am planning to remove the files (id_rsa, id_rsa.pub and known_hosts) in the directory and start from scratch. I haven't been using ssh since the whole Heartbleed thing and I've cleared out the stuff in the keys before but I think I did it wrong.

My question is how do I recreate the files properly and set up ssh to stop asking me for passwords when I'm connecting to git or other things?

Tarunn
Mike F
  • By the way, read ["Does Heartbleed affect ssh keys?"](http://superuser.com/q/739349/2357). – Cristian Ciupitu May 31 '14 at 02:10
  • 5
    (already marked as dup. so can't answer properly) OS X may well have stored your passphrase in your keychain so you don't have to enter it each time you connect to a server. Open *Keychain Access*, search for "id_rsa" and you should get a result with "SSH:/Users/yourname/.ssh/id_rsa" (your private key) with "Kind" listed as "Application password". You can do Edit > Copy password to clipboard to get it back. You'll be asked for your "login keychain password" – which is just the one you use to log in to the Mac's user account. To change passphrase: `cd ~/.ssh` and `ssh-keygen -f id_rsa -p` – William Turrell Mar 03 '16 at 08:21
  • "Copy password to clipboard" didn't do anything for me! – pedroremedios Apr 25 '20 at 22:36

1 Answer

46

You need to remove your SSH public/private keys, recreate them, and then add your newly created public key to the servers and online services you use.

  • Remove your SSH public/private keys:

     rm ~/.ssh/id_rsa*
    
  • Recreate the keypair, choosing a new passphrase:

     ssh-keygen -t rsa -f ~/.ssh/id_rsa
    
  • Add the newly created private key to your OS X Keychain to store the passphrase and manage unlocking it automatically:

     ssh-add -K ~/.ssh/id_rsa
    
  • Copy the public key to the OS X clipboard for adding to web services like GitHub, etc.

     cat ~/.ssh/id_rsa.pub | pbcopy
    
  • Add your newly created public key to the ~/.ssh/authorized_keys file of the remote server. Be sure to ensure the correct permissions of both the remote ~/.ssh folder (700) and ~/.ssh/authorized_keys (600). You may want to investigate using ssh-copy-id to ease this process.

Edited on 11/18/2021

wrksprfct
  • 7
    Thanks. I didn't need to reset it, I searched for id_rsa in my OS X Keychain, and clicked the show password icon. Entered my root password & voila :) – gef Nov 02 '16 at 14:35
  • For some reason OS X was giving me the wrong password when I used the method noted in the comment. So if that happens, definitely try the actual answer as it did solve the issue for me. – CodyEngel Aug 11 '17 at 14:00
  • Funny thing - I got that "wrong password" issue as well. It seems to be showing something "else" there. – Fattie Nov 26 '18 at 07:23
  • @gef - thank you for saving me unnecessary grief and time. I wonder if this can be done on non-MacOSX machines in some way. – perennial_noob Nov 15 '19 at 05:35
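
The last step of the answer (installing the public key with the remote `~/.ssh` at 700 and `authorized_keys` at 600), as an added example that is not part of the original answer or its comments. It is meant to be run on the server; `install_pubkey` and `has_mode` are hypothetical helper names.

```shell
#!/bin/sh
# Added example: install one public key into authorized_keys with the
# permissions the answer calls for (directory 700, file 600).
# install_pubkey and has_mode are hypothetical helper names.
# Usage on the server:  install_pubkey /path/to/id_rsa.pub

# has_mode PATH MODE -> succeeds only if PATH has exactly the octal MODE.
has_mode() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# install_pubkey PUBKEY_FILE [SSH_DIR]   (SSH_DIR defaults to ~/.ssh)
# Returns 0 on success, 1 on I/O errors, 2 if the input is not a public key.
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }
    # Catch the private key (id_rsa) being passed instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub is a private key, refusing" >&2; return 2
    fi
    # A public key file holds exactly one non-empty line.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; return 2; }

    # Create with restrictive modes regardless of the caller's umask,
    # then correct the modes of a directory or file that already existed.
    ( umask 077; mkdir -p "$dir" && touch "$auth" ) || return 1
    chmod 700 "$dir" || return 1
    chmod 600 "$auth" || return 1

    # -x whole line, -F fixed string: re-running does not duplicate the key.
    key=$(grep . "$pub")
    if ! grep -qxF -e "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
}
```

sshd with its default `StrictModes yes` ignores an `authorized_keys` file whose directory or file is writable by other users, which is why the modes are set even when the paths already exist.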