Tag Archives: terminal

Yosemite install on USB

Create a Mac OS X bootable USB Thumb Drive (using createinstallmedia)

Apple stopped making their software available on CD/DVD ages ago. Applications, including the entire OS, are downloaded only through their App Store.

When you download and install the OS from their App Store, it performs an upgrade to the existing operating system. Your applications and a large majority of your settings are preserved. But what if you want to perform a clean install? Wipe everything off and start anew? Well, to do that, you’ll need to have the installer on another medium, such as another hard drive you can connect to, a CD/DVD, or flash memory (thumb drive, SD card, etc.).

Transferring the OS installer to a secondary storage medium requires more than just copying the installer to it. It has to be bootable. You will need to install the OS on the secondary medium. The general method is to format the target destination (flash memory, hard drive, etc.) and run the installer on the target.

createinstallmedia is an easy way of installing the operating system to the secondary storage media. This was introduced in Mavericks. (Unfortunately I didn’t know about it until now because I skipped Mavericks.) createinstallmedia is packaged in their OS installer. There is no need to download it separately. createinstallmedia is a program that needs to be run in Terminal.

There are numerous tutorials available online (video and writeup). From what I’ve read and seen, the steps require downloading the OS installer, formatting the target media, copying the code and pasting it into Terminal, and then executing the code. The tutorial steps are straightforward. If you don’t deviate from them, then you will succeed with a bootable system.

For my tutorial, I’m targeting the command line averse. The method I employ gives more leeway. For example, the majority of the tutorials online have you download the installer from the App Store and leave it alone (that is, don’t move it from the Applications folder). Well, say you’ve downloaded the OS already and have it stored in another folder or another volume (a different hard drive)? If you try to execute the command based on their tutorial, it will fail because the path is wrong. The method I use will ensure the path is filled out correctly. I’m using a USB flash/thumb drive as my target destination, but this should work on any other form of flash memory or external hard drive. The only caveat is the target destination must be large enough to accept the OS (min is about 6GB; 8GB is ideal).

Resources:

Multiple RSA key pairs using ssh-keygen & .ssh/config (Mac OS X tutorial)

I got tired of typing my password after ssh'ing to remote servers. After some googling, I found the solution: the ssh-keygen command and the ssh-copy-id command. ssh-keygen generates an RSA private/public key pair. Once you generate the keys, you’ll need to store the private key on your computer and the public key on the server. The ssh-copy-id command is used to copy the RSA public key onto the remote server. This command will also create the necessary file and change the necessary permissions to make this all work.

I followed a tutorial from Ramesh Natarajan (http://goo.gl/fX68N). I got stuck on trying to copy the public key to the remote server. I’m on a Mac and apparently ssh-copy-id command is not built in. I found the Mac install (located at GitHub, MacPorts or Homebrew) and completed Ramesh’s tutorial. I was able to quickly connect to the remote server without typing in the password… How sweet is that?

All was good until I started to frequently connect to different servers. Ramesh’s tutorial covers a single RSA key pair. For security, it’s best to have a unique RSA key pair for each unique connection. After some searching, I found that this can be accomplished by modifying the ssh-keygen command and using the config file located within the hidden .ssh directory.


I first began by creating another unique rsa key pair:

ssh-keygen -f ~/.ssh/id_rsa_userA -C "userA @ server1"
  • The -f flag specifies the filename of the key file. In the example, it is “id_rsa_userA”. The private key will be “id_rsa_userA” and the public key will be “id_rsa_userA.pub”. As you can see from the path, the files will be located in the home directory, within a hidden .ssh folder.
  • The -C flag is for commenting. The string that follows will be appended to the end of the rsa public key. This helps when you copy the public key to the remote server — you’ll know it was copied because of the comment you provided.

The following is what you will typically see after you execute the previous line of code.

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): [enter something complex]
Enter same passphrase again: [confirm by entering it again]
Your public key has been saved in /Users/username/.ssh/id_rsa_userA.pub.
The key fingerprint is:
81:d4:12:cd:57:aa:42:47:12:de:4c:23:6a:34:62:78 userA @ somedomain.com
The key's random art image is:
+--[ RSA 2050]----+
|        ..+0.    |
|         .. .    |
|         *.*     |
|       +.o o     |
|     .. +        |
|      S.  ..     |
|        ..       |
|       o + . . . |
|        .  +o.oE+|
+-----------------+
  • After generating the rsa key pair, you have the option of entering a passphrase. You should do this! Check out this GitHub article on that (http://goo.gl/rR1ebp)
  • The location of the public key is given.
  • The fingerprint and random art image are also generated.

Repeat the ssh-keygen command for the other connections. Be sure to keep the filename of the key file unique and the comment unique, as well as relevant to the connection.


Use ssh-copy-id to copy the public rsa key to the remote server. (Install via GitHub, MacPorts or Homebrew).

ssh-copy-id -i ~/.ssh/id_rsa_userA.pub userA@somedomain.com
  • The -i flag allows you to specify the public key to upload.
  • The last argument (userA@somedomain.com) is the remote host connection info.
  • ssh-copy-id will create the authorized_keys file if it doesn’t exist and append the public key (specified after the -i flag, “~/.ssh/id_rsa_userA.pub”). It’ll also update various file and folder permissions.
  • You will be required to type in the account password to access the remote server (note: this is not the “passphrase” you created at the beginning of the tutorial)

Test the connection again by ssh command:

ssh userA@somedomain.com

Mac OS X will then ask you to enter the “passphrase” you should have created when you used the ssh-keygen command. It is important to check the “Remember password in my keychain” box. By doing this, you avoid typing in the “passphrase” every time you log in to this specific server.



This step is not necessary, but once connected to the remote server, you can examine the authorized_keys file:

cat ~/.ssh/authorized_keys
  • Within this file, you should be able to see the long key, followed by the comment included when the ssh-keygen command was executed.

You should log out and try another ssh connection to the same server. This time, the “passphrase” is saved by Keychain Access, so you shouldn’t have to type it again. If all is well, you should be instantly connected to the remote server.

Repeat the public key transfer of all the remaining server connections.


Next is to store all the connection info into a config file contained within the .ssh folder. This will speed up connection to the remote servers by assigning shortcut names to each unique connection.

touch ~/.ssh/config
vim ~/.ssh/config
  • The file doesn’t exist, so I’m using touch command to create the file.
  • I’m using Vim to input the connection info.

For demonstration purposes, the following contains basic connection info for two different accounts. There is a lot that you can put into the config file, but I limited it to basic connection info.

Host userA
  HostName somedomain.com
  User userA
  IdentityFile ~/.ssh/id_rsa_userA

Host userB
  HostName anotherdomain.com
  User userB
  IdentityFile ~/.ssh/id_rsa_userB
  • Host userA and Host userB are used for pattern matching, and each applies the declarations that follow it (note the indentation of the lines that follow). userA and userB are the names I chose for their unique connections. This name is also what you type when you connect to the server. It’s the shortcut name, so keep it unique.
  • HostName somedomain.com and HostName anotherdomain.com state the domains of the remote servers.
  • User userA and User userB state the user account on the corresponding remote server.
  • IdentityFile ~/.ssh/id_rsa_userA and IdentityFile ~/.ssh/id_rsa_userB state the specific private RSA key.
  • More info about what can go inside the config file can be found here http://goo.gl/FEF1a5 or by checking out the manual pages in terminal (man ssh_config)

That’s pretty much it. You can then quickly connect to the remote server, without inputting any password by typing in the connection type (ssh, sftp, etc) followed by the shortcut name as listed in the config file — the one after “Host“. Here are some connection examples:

  • sftp userA
  • ssh userA
  • sftp userB
  • ssh userB
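
An added check for the config file above, not part of the original post: a shell function that reads an ssh client config and reports Host blocks that have no IdentityFile, that share a private key with another block (the post recommends a unique key pair per connection), or that lack IdentitiesOnly yes, the ssh_config option that stops ssh from also offering other keys held by the agent. The function name, the finding labels and the userC block are made up for this example, and it assumes one name per Host line and whitespace-separated keywords.

```shell
#!/bin/sh
# Added example: audit an ssh client config for the one-key-per-connection rule.
# Prints one line per finding; returns 0 when clean, 1 when anything was found.
audit_ssh_config() {
  awk '
    function check() {
      if (host == "" || host ~ /[*?]/) return        # skip wildcard blocks
      if (key == "") { print "NOKEY " host; bad = 1; return }
      if (key in owner) { print "REUSED " key " " owner[key] " " host; bad = 1 }
      else owner[key] = host
      if (only != "yes") { print "NO_IDENTITIESONLY " host; bad = 1 }
    }
    NF == 0 || $1 ~ /^#/ { next }                    # blank lines and comments
    { kw = tolower($1) }                             # keywords are case-insensitive
    kw == "host"           { check(); host = $2; key = ""; only = "" }
    kw == "identityfile"   { key = $2 }
    kw == "identitiesonly" { only = tolower($2) }
    END { check(); exit bad + 0 }
  ' "$1"
}

# Constructed sample: the two Host blocks from the post (userA with
# IdentitiesOnly added) plus a hypothetical userC that reuses the userA key.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Host userA
  HostName somedomain.com
  User userA
  IdentityFile ~/.ssh/id_rsa_userA
  IdentitiesOnly yes

Host userB
  HostName anotherdomain.com
  User userB
  IdentityFile ~/.ssh/id_rsa_userB

Host userC
  HostName third.example
  User userC
  IdentityFile ~/.ssh/id_rsa_userA
  IdentitiesOnly yes
EOF
audit_ssh_config "$sample" || echo "findings reported above"
rm -f "$sample"
```

Run it against your own file with audit_ssh_config ~/.ssh/config; a clean config prints nothing.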