A fresh OS X El Capitan 10.11.3 install on my new Hackintosh broke my well working SSH key based authentication (passwordless). I wasn’t able to connect from a remote systen to my OS X system without getting asked for the password. Before this I created a key based login to the OS X system without any negative feedback. So what the hell is wrong?

To figure out the problem I debugged SSH with the -v option on the remote where I tried to connect to my Hackintosh.

ssh -v USERNAME@example.com

Between all the debug messages I found a very useful information:

debug1: Remote: Ignored authorized keys: bad ownership or modes for directory /Users/USERNAME

Well, this line tells enough. I had to fix the permissions of the /Users/USERNAME folder.

chmod 700 /Users/USERNAME

chmod 700 grants full permissions to the owner, but group and others cannot access it. That’s fine!
Problem solved for me :-)

Mac OS X is sometimes a pain. The system delivers a lot of awesome futures, but more futures will bring more problems. OS X Yosemite Mail problems are well known by many users.

My own mail server is based on Courier, Dovecot and some other services and I never have had any problems with this setup.

But from time to time my outgoing and ingoing mail traffic was broken with Mail on OS X Yosemite. I never changed the configuration – also why, when it’s working very well? So why does it stop working?

But as Apple always says: There are no problems with their software. So what can we do? Apple says: Create a backup and reinstall your system. Funny joke by Apple? No. But I have found a solution that works very well for me – without editing the raw config files, reinstalling the complete system or what ever for crazy and time wasting methods.

Mail automatic detection IMAP

And now disable the automatic detection of the account settings inside the mailbox settings – for both: IMAP/POP and SMTP!

Be sure using the right configuration for your mailbox account (port, SSL option, authentication type, …), otherwise it won’t work.

Mail automatic detection SMTP

The Mail application has reconfigured my mailbox account settings from time to time and I don’t know why. But disabling the automatic detection option did the trick! OS X Mail runs fine and stopped messing up again.

OS X Yosemite looks great but has some strange bugs (See «How to fix the Notification Center on OS X Yosemite»). An other bug is the broken Finder search. I found this after I tried to search files in a unpacked folder of some downloaded files. They were inside the folder, but Finder just didn’t found them. Looks like Spotlight is broken on OS X Yosemite.

Finally I tried to reset Spotlight.

Open the Terminal application (Terminal @Spotlight – this should work!) and run these commands to reset Spotlight:

sudo rm -rf /.Spotlight-V100
sudo rm -rf /.Spotlight-V200
sudo mdutil -i off /
sudo mdutil -i on /
sudo mdutil -E /

The Finder search should work fine right now, but it could break again – just run the commands above again.

Alternatively you could download (or just create your own) the commands bundled to a bash script and run it directly:

wget http://marcel.zurreck.com/files/os_x_spotlight_reset.sh
./os_x_spotlight_reset.sh

A lot of users have problems on OS X Yosemite 10.10 with the Notification Center, it doesn’t store the settings correctly. All custom settings are gone after a restart and you have to configure it again and again… Because I don’t want to loose my precious time I found a easy solution.

Just a few commands to fix it

Just open the Terminal application (you could start the application with Spotlight -> Terminal) and move the NotificationCenter folder (located in your current users ~/Libaray/Application Support/) to your Desktop, just to keep it as backup (I never needed it!)

mv ~/Library/Application\ Support/NotificationCenter ~/Desktop/

Now go to the DARWIN_USER_DIR folder, delete the settings for the Notification Center and kill the Notification Center processes.

cd `getconf DARWIN_USER_DIR`
rm -rf com.apple.notificationcenter
killall usernoted; killall NotificationCenter

I have had to restart my Mac twice to get this work finally, so just do it also.

Let me know if this could fix your problem too!

This tutorial works also with Mavericks and Yosemite.

OS X is based on UNIX, but there are some big differences. On an Linux or UNIX you could easily edit the sshd_config to change the default port. On OS X you have to go a longer way – but it’s still easy. I change the default sshd port after a fresh system installation, or a system upgrade (major upgrade, like from Yosemite to El Capitan will change the port to 22 again…), because of security.

Modify the /etc/services file and add two new entries (in this example I use port 60225):

sudo nano /etc/services
ssh2             60225/udp     # SSH Remote Login Protocol
ssh2             60225/tcp     # SSH Remote Login Protocol

Now you could add a secondary ssh port on OS X. Both values should be the same! Save end exit (CTRL+O and CTRL+X).

Create a copy of your ssh.plist configuration and modify the new file:

sudo cp /System/Library/LaunchDaemons/ssh.plist /System/Library/LaunchDaemons/ssh2.plist
sudo nano /System/Library/LaunchDaemons/ssh2.plist

Rename sshd to sshd2 and ssh to ssh2:

<key>Label</key>
<string>com.openssh.sshd2</string>
...
<key>SockServiceName</key>
<string>ssh2</string>

Reload the ssh2.plist to activate the new port:

sudo launchctl unload /System/Library/LaunchDaemons/ssh2.plist
sudo launchctl load -w /System/Library/LaunchDaemons/ssh2.plist

Test the login:

ssh -l USERNAME localhost -p YOUR_NEW_PORT

For more security you could just change the port 22 inside /etc/services, without adding a second one. Skip the ssh2.plist copy & reload part, just reload the ssh.plist instead.

It’s really easy to use the terminal to install Debian on SD Card for Raspberry Pi with Mac OS X. This method works great and also much better than these AppleScript programs which are asking for your password.

Download latest Debian Raspbian image

Get the latest Raspbian imagen (currently Debian Wheezy 7.5) with your browser from http://www.raspberrypi.org/downloads or directly with curl from your terminal:

cd ~/Downloads/
curl -L http://downloads.raspberrypi.org/raspbian_latest -o raspbian_latest.zip

When the download is complete it’s safer to compare the the SHA-1 checksum with the one on the downloads page:

shasum raspbian_latest.zip

If the checksum matches you can finally unzip the image:

unzip raspbian_latest.zip

Install Raspbian on your SD card

Insert your SD card in your Mac or any SD card reader attached to your Mac, open the terminal and run this:

diskutil list

Now we have to find our SD card. Watch for the correct size or the name and please don’t use your system hard drive!
I use a 16 GB SD card, so I have to take the 15.9 Gi entry which has the name (mount name) NO NAME. It’s the /dev/disk3s1 identifier entry.

/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *121.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:          Apple_CoreStorage                         121.0 GB   disk0s2
   3:                 Apple_Boot Boot OS X               134.2 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *1.0 TB     disk1
   1:                        EFI EFI                     209.7 MB   disk1s1
   2:          Apple_CoreStorage                         999.3 GB   disk1s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk1s3
/dev/disk2
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                  Apple_HFS Macintosh HD           *1.1 TB     disk2
/dev/disk3
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *15.9 GB    disk3
   1:                 DOS_FAT_32 NO NAME                 15.9 GB    disk3s1

You have to unmount this card (remove the “s1” from /dev/disk3s1):

diskutil unmountDisk /dev/disk3
$ Unmount of all volumes on disk3 was successful

Use dd to copy the image on your SD card:

  • You could drag & drop the .img file directly behind sudo df if= to get the correct path
  • Use the same device as used with diskutil unmountDisk
sudo dd if=~/Downloads/2014-06-20-wheezy-raspbian.img of=/dev/disk3 bs=1m

It’s very easy to install Debian on an SD card for a Raspberry Pi, but to copy the image could take really long – depends on the size and performance of the SD card and from your card reader performance.
dd gives us no output but if you want to check if it’s still running just press CTRL + T.

load: 2.01  cmd: dd 32139 uninterruptible 0.00u 1.56s
201+0 records in
200+0 records out
209715200 bytes transferred in 107.578531 secs (1949415 bytes/sec)

dd finishes without any feedback on success, it’s done when it’s done.

Running mount | grep disk3 shows us the new mount point for your SD card:

mount | grep disk3
/dev/disk3s1 on /Volumes/boot (msdos, local, nodev, nosuid, noowners)

Thats it, your SD card is ready to use in your Raspberry Pi after you run:

diskutil unmountDisk /dev/disk3

Simply put your fresh created Raspbian SD card in your Raspberry Pi and power it up.

I have 2 SD Cards for my Raspberry Pi: One is always in use, the second one has a fresh install, so I don’t have to wait if I want to work on a new system.

Enough of entering always the SSH password for an SSH login in your terminal? Follow this fast tutorial to get rid of this problem and enable your SSH login without a password.

On Mac OS X you have to install ssh-copy-id, Linux users should have this already. Simple run the following commands to get it work on your system.

Perhaps you have to create this folder on OS X or some Linux distributions:

mkdir -p /usr/local/bin/

Download the binary from GitHub:

sudo curl https://raw.githubusercontent.com/beautifulcode/ssh-copy-id-for-OSX/master/ssh-copy-id.sh -o /usr/local/bin/ssh-copy-id

Grant access to run the file with the chmod +x:

sudo chmod +x /usr/local/bin/ssh-copy-id

Now it’s time to generate your RSA key-pairs!
Run this command – there is no need to change the location (default: ~/.ssh/id_rsa.pub) and you don’t have to enter a passphrase.

ssh-keygen -t rsa

You will get an output like this:

Generating public/private rsa key pair.
Enter file in which to save the key (/Users/USERNAME/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/USERNAME/.ssh/id_rsa.
Your public key has been saved in /Users/USERNAME/.ssh/id_rsa.pub.
The key fingerprint is:
4b:2f:fa:3a:19:74:24:2b:f1:52:e6:61:ab:53:ce:d3 YOUR_USERNAME@Gorath.local
The key's randomart image is:
+--[ RSA 2048]----+
...
+-----------------+

Finally you have to use the ssh-copy-id command to store your password for the SSH login. Enter your SSH password when you get asked.
Please use your USERNAME and the HOST for the SSH Login (this could be a domain or an IP address). Do you have a different port? 22 is default, at this point you could change it with -p PORTNUMBER.

ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 22 USERNAME@HOST"

Now try to login:

ssh -l USERNAME HOST

Does it work? Congratulations! And by the way, please don’t do this with a root login :-)

×