Configure Public Key Authentication for SFTP using OpenSSH
Public-key authentication allows you to connect to a remote server without a password. Instead, public-key authentication uses two keys:
Private key kept in a file and protected with a password.
Public key placed on the server usually by the system administrator.
Run the command
ssh-keygen
from the Terminal.app (macOS) or Console (Windows) to generate a public/private pair of keys. They will be put in your directory~/.ssh
, though you will probably be asked to approve or change this location. When you generate the keys you will be asked for a passphrase. If you use a passphrase, then you will have to enter it when connecting. Use the key format (-m PEM
) to create the keys in OpenSSLPEM
format. Specify the type of key with the parameter-t
as eitherecdsa
,ed25519
orrsa
.ssh-keygen -m PEM -t rsa
Copy the public key to the server you wish to access and add it to the file
authorized_keys
in your~/.ssh
directory.Tip
You may need to create the file if it does not exist.
This will cause the server to allow authenticating with your corresponding private key.
ssh hostname < ~/.ssh/id_rsa.pub 'cat >> .ssh/authorized_keys'
In the Bookmark or Connection window, select Use Public Key Authentication and select the private key in your
~/.ssh
directory. When connecting, you will be prompted to enter the password for the private key. Choose Save Password to save the password.