The version of
ssh that ships with Mac OS X is quite old. If you want a more recent version to use, for instance, ECDSA or ED25519 keypairs you can install a more recent version of
ssh using MacPorts with
sudo port install openssh +gsskex.
Unfortunately, OS X won’t remember your fancy ECDSA or ED25519 key passwords in the KeyChain. This is because the old
ssh-agent is running in the background. This is how to run MacPort’s
- Don’t forget to install
ssh-agentwon’t even try to talk to the KeyChain.
launchctl unload -w /System/Library/LaunchAgents/org.openbsd.ssh-agent.plistto disable Mac’s old
ssh-agent. Note: run this under your user account — not as root.
~/Library/LaunchAgents/org.macports.ssh-agent.plistand open the copy in an editor. In the copy, replace
launchctl load -S Aqua -w ~/Library/LaunchAgents/org.macports.ssh-agent.plistto enable the
ssh-agentfrom MacPorts. Again, run this as under your user account — not as root.
- Logout and login again.
That should do it. These steps are an updated version of this guide.