learn | unlearn | relearn

How does this headline relate to Xojo?

Well, there are many reasons why it is cool having the possibility to connect remotely to another server. You'll need such an option for a secure connection to your remote server to upload files and make changes on your server. But perhaps you are running a remote Database on an external server, and then again, an SSH connection is a must (at least if you want to run things securely).

Let's prepare our Mac

You will be able to do all the things below with the standard terminal. However, I recommend using a better terminal.app: iTerm2, which you can download here: https://iterm2.com/.

If you don't know why you should install this program, let me tell you that copy&paste on remote servers will be much more comfortable than the standard application. This big plus alone should make you trust me.

Where is the .ssh-folder on my macOS?

Perhaps you are landing on this page because you are missing the ~/.ssh folder on your macOS, but all tutorials are talking about this folder. Generally, the path of your keys and authorizations is: /Users/yourUsername/.ssh (as on most Linux machines).

The solution is simple

This folder doesn't exist on a brand new machine. And once you have done the following steps, you will forget them until you have a brand new Mac in front of you again.

In macOS, you need to generate your public and private keys from the Terminal. If you haven't yet done this, the .ssh directory will not exist. To create them:

Open the terminal App and enter the following command:

ssh-keygen -t rsa

The terminal will now ask you where to store the key. On a brand new system, this is no issue whatsoever. On the contrary, that's what we want, as the above command will create the .ssh folder.

You don't need to define a password, but I highly recommend doing it. But please ensure to memorize it. There will be no chance to recover it in the future in any way!

Be careful if you have already generated keys! In this case, please specify a different name when asked so that your former (old) certificate will NOT be overwritten by the newly created.

The system output will now look like the following:

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/jmu/.ssh/id_rsa): /Users/myUser/.ssh/test/xojo
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/jmu/.ssh/test/xojo.
Your public key has been saved in /Users/jmu/.ssh/test/xojo.pub.
The key fingerprint is:
SHA256:rSZr7WRfcmLyFFG8sX57UXhnO7mHY5YQ+HY3u/TxESU jmu@wontellyou
The key's randomart image is:
+---[RSA 3072]----+
|           ..    |
|           .o    |
|          .. +E..|
|         ...+ ..*|
|        S oo . +=|
|         . .= o*o|
|      ..* =.o+ O*|
|      .*.* =  OoB|
|     .... o  o +=|
+----[SHA256]-----+

When you now look into your folder (in my case: /Users/myUser/.ssh/test/) in your terminal, then you'll find 2 files:

  • One file with the "pub"-extension (that's your public key) and
  • One file without any extension (this is your private key), and you should NEVER share that file with anyone! That's the reason I recommend password protection, as I said above.

Now you are all set up to use a secure connection with a Linux Server. I will describe this in all details in the following article.

But you are now prepared from a macOS perspective to do something like:

sudo ssh myuser@myremoteserver.com

and to connect to a remote server via your public key. I create certs named xojo and my folder  contains now the following files:

Security aspects

Most likely you will have to limit the rights of your created key. This can easily be done via:

chmod 400 ~/.ssh/id_rsa

Please remember to never forget your password for the newly created certificates and to backup them somewhere!

Using our SSH key

The following article is making use of our newly created certificates:

How To Build a Linux Server for Xojo Web 2
With Xojo Web 2, it becomes relatively easy to set up a Server and run yourfirst App. You would not even need an own webserver as a Xojo Web 2 App hasbuilt-in its own. But in today’s world, running a Webapp is one thing; runningit securely a different story. This beginner’s guide aims to enable y…

Further information

For a deeper dive in, look at this very good article from GitHub:

Managing deploy keys - GitHub Docs
Learn different ways to manage SSH keys on your servers when you automate deployment scripts and which way is best for you.

Comments

Sign in or become a jeannot-muller.com member to join the conversation.
Just enter your email below to get a log in link.



You’ve successfully subscribed to jeannot-muller.com
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.