I barely know what SSH keys are, but last week when I was asked to provide one for an stfp site at work they said create a pair using putty.

Well I googled putty and found a couple different .org domains, one who which said it was legit but not official, and another which said it was official but looked wildly out of date.

Neither one I could find a download for Mac that worked. The one I tried gave a scary “we no longer allow putty sudo access as it’s dangerous” and when I googled this error I could find no explanation to assuage me.

And since I wanted to make sure what I was doing was legit, I searched for alternatives.

Eventually I discovered I could use command line in mac to generate the keys I needed. But first I installed Xcode then ran the command (I used chatgpt to tell me exactly how to get the type and length I needed). It was easy.

Side note, the whole culture of downloading random software and using it with just a single line in a terminal is always sketchy to me too. But I’m not a coder so I’m not used to it.

▲

lanyard-textile 5 days ago | parent | next [-]

It is sketchy. :) Your intuition is correct.

The idea is that you will need to put some trust in the project anyway, since you’re trying to install it. Might as well make it easier with a one line install.

Edit: You should only do this if someone reliable tells you to, honestly. Doing this with truly random projects you aimlessly find is not a good idea.

▲

ok_computer 5 days ago | parent | prev | next [-]

If you hadn’t discovered this already with you mac CLI commands, OpenSSH from OpenSSL ‘ssh-keygen’ command is a good way to create SSH keys in ClI and ships in many OSes or is a lightweight download. The OpenSSL website name is unambiguous, which is a benefit.

https://docs.github.com/en/authentication/connecting-to-gith...

▲

wolf550e 5 days ago | parent | next [-]

OpenSSH and OpenSSL are completely unrelated projects.

	▲	ok_computer 4 days ago \| parent [-]
		Independent projects but not unrelated since there was a historical dependency from OpenSSH to OpenSSL. https://serverfault.com/questions/780476/generating-ssh-keys... My knowledge was a bit outdated by about a decade.

▲

hammock 4 days ago | parent | prev [-]

Ssh-keygen is what I ended up using. At chatgpt recommendation

▲

avhon1 4 days ago | parent | prev [-]

The wikipedia article has links to the official websites, and not to the scams: https://en.m.wikipedia.org/wiki/PuTTY

▲

autoexec 4 days ago | parent | next [-]

This is helpful (and something I've used wikipedia for myself) but it's far from ideal since it wouldn't be too hard for someone to edit that page to point to a malicious domain. Not sure if that's happened before, but I can see it as something that could go unnoticed for a quite a while as long as the target site looks legit enough.

▲

hammock 4 days ago | parent | prev [-]

That’s the outdated looking website I found that didn’t have mac version. I’m guessing I’m supposed to use the Unix version there?

The website I was sketched out by (but tried it anyway, then got the scary error) was puttygen.com which had me install homebrew (whatever that is) and then do “sudo brew install putty”

	▲	zerocrates 4 days ago \| parent \| next [-]
		"Use PuTTY" is more or less advice just for Windows users.
	▲	CRConrad 4 days ago \| parent \| prev \| next [-]
		I think the main reason you couldn't find a mac version to download is that there is none. The closest I saw was a .tr.gz file (i.e. a gzipped Tape ARchive) of Unix source code, but A) I don't know of their definition of "Unix" includes OS X / MacOS; and B) judging from your comments here, you don't seem like the type who would want to install software by downloading, decompressing, and compiling source code. I'm thinking the people who told you to use PuTTY were assuming that you are a Windows user.
	▲	II2II 4 days ago \| parent \| prev [-]
		Homebrew is a reputable package manager (a.k.a. software installer, for Unix applications on the Mac). That said, I'm pretty sure the version of ssh shipping with the Mac could do the key generation for you so you wouldn't need putty.