====== Managing SSH Keys: A Guide for OS X ======



===== SSHKeychain =====

SSHKeychain provides a great UI for managing your SSH Keys and integrates fully with Mac OS X keychain. This guide will explain how to setup SSHKeychain to manage your keys for connecting to a Joyent Accelerator. 

==== Downloading and Installing ====

   * Download the latest SSHKeychain from here: http://www.sshkeychain.org/download.php
   * Install SSHKeychain in your ''/Applications'' folder: drag-and-drop the SSHKeychain icon from the mounted DMG volume to your Applications folder.
   * Open SSHKeychain:
{{all-accelerators:kb:ssh:sshkeychain-icon.png|SSHKeychain Icon}}
   * If you're on Leopard you'll be presented with the usual warning about opening an application downloaded from the Internet.

==== Configuring SSHKeychain ====

  - Click the SSHKeychain Application menu, **Preferences...** to open the preference panes.
  - //Optional:// Under the **General** pane, check **Check for updates on startup** checkbox.
  - //Optional:// If you want to use a version of SSH different from that which came with OS X, such as the ''openssh'' package that is provided with MacPorts, then change the **SSH tools path** (in the case of MacPorts, ''/opt/local/bin/''). //Most users won't need to change this.//
  - Under the **Display** pane, select how you want SSHKeychain to be displayed next time you open the Application. The OS X status bar will most likely be preferable for most users:
    {{all-accelerators:kb:ssh:ssh-display.png|SSHKeychain Display Preferences}}
  - Click the **Environment** pane, and check **Manage (and modify) global environment variables**:
    {{all-accelerators:kb:ssh:environment.png|SSHKeychain Environment Preferences}}
  - Click the **SSH Keys** pane. By default you may see your id_dsa key. However, you may have created a separate key for use with Joyent hosting. In this example, we have created a 'JoyentAccelerator' key for use with all of our Joyent Accelerator accounts.
     - **To use a key created from the command-line earlier:** click the plus sign, navigate to the ''/User/YOURUSERNAME/.ssh'' directory and select the key file. {{all-accelerators:kb:ssh:ssh-keys-open.png|Open Key file}}
     - **To create a new key now:** 
        - click the **New...** button.
        - for **Path**, click ''Select...'', navigate to your to the ''/User/YOURUSERNAME/.ssh'' directory, then type the filename you would like to save your key as, such as ''JoyentAccelerator''.
        - leave **Type** as ''dsa'' and **Nr. of bits** as ''1024'', unless you are an advanced user and know the difference between the two encryption algorithms. 
        - in the **Passphrase** field, enter a suitable passphrase for the key. Ensure that this is a strong password, and not easy to guess. You can leave the passphrase blank, but this negates the need for SSHKeychain to manage keys.
        - click **OK** to save your new key.
  - That's it. But its recommended to logout and log back on again.

==== SSHKeychain on startup ====

Go to System Preferences -> Accounts. Under "Login Items" you can add SSHKeychain

===== See Also =====

===== References =====