Summary: After upgrading to macOS Sierra and using SSH to login to an SSH server, I noticed that the passphrase for my SSH key has been permanently That is, after rebooting the system, SSH still knows the passphrase for my SSH key, such that I do not need to enter any passphrase to log in to.
Deploying Python applications typically requiresSSH keys. An SSH key has both a public and a private key file. You canuse the private key to authenticate when syncing remote Gitrepositories, connect to remote servers and automateyour application's deployments viaconfiguration management tools likeAnsible. Let's learn how to generate SSH key pairs onmacOS Sierra.
![Mac os sierra enter passphrase for keyboard Mac os sierra enter passphrase for keyboard](https://www.tecklyfe.com/wp-content/uploads/2016/10/2-ssh-prompt.jpg)
Generating New Keys
Bring up a new terminal window on macOS by going into Applications/Utilitiesand opening 'Terminal'.
The
ssh-keygen
command provides an interactive command line interface forgenerating both the public and private keys. Invoke ssh-keygen
with thefollowing -t
and -b
arguments to ensure we get a 4096 bit RSA key. Notethat you must use a key with 2048 or more bits in macOS Sierra or thesystem will not allow you to connect to servers with it.Optionally, you can also specify your email address with
-C
(otherwiseone will be generated off your current macOS account):The first prompt you will see asks where to save the key. However, there areactually two files that will be generated: the public key and the privatekey.
This prompt refers to the private key and whatever you enter will alsogenerate a second file for the public key that has the same name and
.pub
appended.If you already have a key then specify a new filename. I use manySSH keys so I oftne name them 'test-deploy', 'prod-deploy', 'ci-server'along with a unique project name. Naming is one of those hard computerscience problems, so take some time to come up with a system that works foryou!
Next you will see a prompt for an optional passphrase:
Whether or not you want a passphrase depends on how you will use the key.The system will ask you for the passphrase whenever you use the SSH key,althoughmacOS can store the passphrase in your system Keychainafter the first time you enter it. However, if you are automating deploymentswith a continuous integration server likeJenkins then you will not want a passphrase.
Note that it is impossible to recover a passphrase if it is lost. Keepthat passphrase safe and secure because otherwise a completely new key wouldhave to be generated.
Enter the passphrase (or just press enter to not have a passphrase) twice.You'll see some output like the following:
Your SSH key is ready to use!
What now?
Now that you have your public and private keys, I recommend building anddeploying some Python web apps such as:
- Dialing outbound phone callswith the Bottle web framework
Additional
ssh-keygen
command resources:Questions? Contact me via Twitter@fullstackpythonor @mattmakai. I'm also on GitHub withthe username mattmakai.
See something wrong in this post? Forkthis page's source on GitHuband submit a pull request.
Due to the robust security within Apple’s new macOS operating system, there is a high emphasis on data protection. Whether you’re simply logging in, downloading new software, or trying to delete files or apps from the hard drive, you will always need to input your Mac password. Here are a few ways you can remember or reset it and get back to using your Mac.
How to avoid forgetting passwords?
Often when Mac users forget their passwords, it’s the consequence of having a cluttered Mac. With an overload of information to sieve through every day, people have a tendency to forget information. So, first and foremost, you should clean up your Mac to make sure your new password is the one entering you into a tidy and organised computer.
With CleanMyMac X, you can remove large and unwanted files, organising your digital folders and clearing your physical headspace. With its smart, one-click cleaning approach and powerful scanning, you can swiftly dispose of useless documents and apps which may even be slowing your Mac down. With CleanMyMac, you can launch a Smart Scan, removing systems junk, photo and file duplicates, and everything else that will clog up your Mac.
In addition, this amazing tool is free to download, so what are you waiting for?
How to reset a password
Get a password hint
Before resetting your password, you should always check to see if the password hint jogs your memory. The ‘hint’ is a phrase you entered relating to the password when you first set it up, and is triggered once you make 3 incorrect password attempts:
- Open System Preferences (the app with the cog icon).
- Select ‘Users & Groups.’
- Click the Lock icon in the bottom left to make changes.
- Press the Return key 3 times.
The screen will shake each time you press Return, with the third shake generating the password hint which will appear below the Password field. Hopefully this initiates a Eureka Moment making you remember the Login and brings an end to the password perils.
Sometimes though, the hint doesn’t show up. That’s because the Mac wasn’t set up to show password hints in the Login Options – only modified by logging into your Mac. Fortunately, there are an array of other solutions to finding your password.
Change password from another account
In the event that you happen to share your Mac with another person, and they have their own account, you can use their Login to reset your password. Or, if you have a different account on the Mac that you know the password to, you can recover your Mac admin password by following these steps:
- Click on the Apple logo in the top left of the tools bar and click Log Out.
- Select the alternative account and enter the password.
- Open System Preferences > Users & Groups.
- Click the Lock icon in the bottom left.
- Enter the password again.
- In the Sidebar, select the account with the missing password.
- Click change password.
- Fill in the New Password, Verify and Password Hint fields.
- Click Change Password.
Now, the password for that account has been changed, allowing you to log in using the new password. However, this doesn’t change the password for the Keychain (macOS’s password management system), and you’ll be asked when you log into the account to update the keychain password. This requires you to enter the old forgotten password, so you’ll have to click ‘Create New Keychain’.
This introduces a further problem, because if the other user isn’t the registered Admin, they won’t be able to change the password for you. Luckily, there is an alternative solution to recovering your password.
Use Recovery Mode
Apple provides a tool to replace a Mac’s password through bypassing all of the previous steps. This is the best option if you don’t have a password hint, can’t log in via another account and have completely forgotten your password.
- Turn off your Mac.
- Press the power button whilst holding Command + R.
- The Mac will boot into Recovery Mode – when you see the load bar appear you can let go of the keys.
- Select ‘Disk Utility’ and press Continue.
- Go to Utilities > Terminal.
- Enter ‘resetpassword’ and press the Return key.
- Select the main hard drive.
- Select the User Account (the account you’d like to change).
- Enter a new password and create a password hint.
- Click Save – a warning will appear that the Keychain Password hasn’t changed. Click OK.
- Shut Down your Mac and start it up again. Now you can log in using the new password.
Protect Your Data
Due to the fact Recovery Mode provides a nifty means to resetting the Mac password, you may be wary that anyone can hack your Mac – and once someone accesses your Mac, you’ve usually lost control over it. So, it’s a good job there’s some interventions you can make to prevent this happening.
The best way to protect your data is to active FileVault encryption. This means that the Password Reset option won’t become available unless you unlock it with Disk Utility. To turn it on and set it up:
- Choose Apple > System Preferences > Security & Privacy.
- Click the FileVault tab.
- Click the Lock icon, and enter Login credentials.
- Click Turn on FileVault.
Once done, you will receive a Recovery Key and a password, which you should take note of. If you lose these, your data won’t be able to be recovered and will be lost forever.
Another effective way to protect the data on your Mac is to download tried and tested app CleanMyMac X. With automatic clean-ups and regular system monitors, your data is continuously observed and safeguarded from any piracy or hacking.
Use Target Disk Mode
If all else fails, Target Disk Mode can help you recover whatever you can from the lost Mac. Using another Mac, you can access the hard drive on the lost Mac and save any wanted data.
- Shut down the Mac.
- Connect to another Mac using a FireWire or Thunderbolt cable.
- Start up your Mac and hold the T key while it loads.
- This activates Target Disk Mode.
The hard drive from the lost Mac should now appear, allowing you to recover and save wanted data onto the new Mac.
Thanks for reading and stay tuned!