{"id":6260,"date":"2025-08-04T09:51:56","date_gmt":"2025-08-04T02:51:56","guid":{"rendered":"https:\/\/saidwp.com\/blog\/?p=6260"},"modified":"2025-08-04T09:51:57","modified_gmt":"2025-08-04T02:51:57","slug":"ssh-key-management-macos-sysadmin","status":"publish","type":"post","link":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/","title":{"rendered":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><strong>Why macOS Sysadmins Need Organized SSH Key Management<\/strong><\/h2>\n\n\n\n<p>As a sysadmin, devops engineer, or freelancer that handles several client servers daily, <a href=\"https:\/\/www.openssh.com\/\">SSH<\/a> is a core tool. However, as clients and servers grow, the ~\/.ssh\/ folder can become messy and confusing, leading to incorrect logins, using the wrong keys, and potential security issues.<\/p>\n\n\n\n<p>This article explains a <strong>basic and practical way<\/strong> to manage SSH keys on macOS so you can work faster, safer, and stay organized even when you handle many client servers at once.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Understanding the <\/strong><strong>~\/.ssh\/<\/strong><strong> Folder Structure<\/strong><\/h2>\n\n\n\n<p>When you run ls ~\/.ssh on macOS, you will typically see:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"564\" src=\"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03201259\/saidwp-ssh-key-management-sysadmin-2-1024x564.webp\" alt=\"\" class=\"wp-image-6254\" srcset=\"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03201259\/saidwp-ssh-key-management-sysadmin-2-1024x564.webp 1024w, https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03201259\/saidwp-ssh-key-management-sysadmin-2-400x220.webp 400w, https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03201259\/saidwp-ssh-key-management-sysadmin-2-768x423.webp 768w, https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03201259\/saidwp-ssh-key-management-sysadmin-2-300x165.webp 300w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>before<\/em><\/figcaption><\/figure>\n<\/div>\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>File\/Folder Name<\/strong><\/td><td><strong>Function<\/strong><\/td><\/tr><tr><td>id_rsa, id_ed25519<\/td><td>Private key (should not be shared)<\/td><\/tr><tr><td>.pub<\/td><td>Public key (placed on remote server)<\/td><\/tr><tr><td>config<\/td><td>Mapping host aliases to IPs and specific IdentityFiles<\/td><\/tr><tr><td>known_hosts<\/td><td>Stores fingerprints of servers you have accessed<\/td><\/tr><tr><td>known_hosts.old<\/td><td>Automatic backup of known_hosts when changes occur<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>known_hosts.old is normally created when macOS backs up your previous known_hosts file due to a change in server fingerprint. It is usually safe to leave it there but you can delete old backup files occasionally if you are sure they are no longer required.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>RSA vs ED25519: Which SSH Key Type Should You Use?<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>Algorithm<\/td><td>Security level (modern standards)<\/td><td>Speed<\/td><td>File size<\/td><td>Recommended use<\/td><\/tr><tr><td>RSA<\/td><td>Good (minimum 3072 bits)<\/td><td>Slower<\/td><td>Larger<\/td><td>Legacy compatibility<\/td><\/tr><tr><td>ED25519<\/td><td>Strong (elliptic curve)<\/td><td>Faster<\/td><td>Smaller<\/td><td>Preferred modern<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>Recommendation:<\/strong> use ED25519 for new systems as it is faster, safer, and widely supported by modern providers like GitHub and DigitalOcean. RSA is still useful for compatibility in older environments but is no longer the first choice.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Naming Strategies for SSH Keys<\/strong><\/h2>\n\n\n\n<p>Avoid random names like id_ed25519_remote or id_rsa2. Use a structured naming format that is descriptive and scalable:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>&#91;prefix&#93;_&#91;provider&#93;_&#91;client\/project&#93;_&#91;environment&#93;_&#91;year&#93;_&#91;keytype&#93;<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #D4D4D4\">&#91;prefix&#93;_&#91;provider&#93;_&#91;client\/project&#93;_&#91;environment&#93;_&#91;year&#93;_&#91;keytype&#93;<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p><strong>Example:<\/strong><\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>01_do_clientA_dev_2024_ed25519\n02_do_clientA_prod_2024_ed25519\n03_vultr_clientB_2023_ed25519<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">01_do_clientA_dev_2024_ed25519<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">02_do_clientA_prod_2024_ed25519<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">03_vultr_clientB_2023_ed25519<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>This pattern clearly shows who the key belongs to and where it is used, making later removal or audits much easier.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Organizing SSH per Client Using Subfolders<\/strong><\/h2>\n\n\n\n<p>When a single client has multiple servers (development, staging, production), it is cleaner to group their keys in a separate folder like this:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>~\/.ssh\/\n\u251c\u2500\u2500 clientA\/\n\u2502   \u251c\u2500\u2500 01_do_clientA_dev_2024_ed25519\n\u2502   \u251c\u2500\u2500 02_do_clientA_staging_2024_ed25519\n\u2502   \u2514\u2500\u2500 03_do_clientA_prod_2024_ed25519\n\u251c\u2500\u2500 clientB\/\n\u2514\u2500\u2500 config\n\n(after)<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #D4D4D4\">~\/.ssh\/<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u251c\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">clientA\/<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u2502<\/span><span style=\"color: #D4D4D4\">   <\/span><span style=\"color: #CE9178\">\u251c\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #B5CEA8\">01<\/span><span style=\"color: #CE9178\">_do_clientA_dev_2024_ed25519<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u2502<\/span><span style=\"color: #D4D4D4\">   <\/span><span style=\"color: #CE9178\">\u251c\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #B5CEA8\">02<\/span><span style=\"color: #CE9178\">_do_clientA_staging_2024_ed25519<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u2502<\/span><span style=\"color: #D4D4D4\">   <\/span><span style=\"color: #CE9178\">\u2514\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #B5CEA8\">03<\/span><span style=\"color: #CE9178\">_do_clientA_prod_2024_ed25519<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u251c\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">clientB\/<\/span><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">\u2514\u2500\u2500<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">config<\/span><\/span>\n<span class=\"line\"><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">(<\/span><span style=\"color: #DCDCAA\">after<\/span><span style=\"color: #D4D4D4\">)<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Advantages:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The main ~\/.ssh\/ directory stays tidy<\/li>\n\n\n\n<li>Removing a client simply means deleting their folder<\/li>\n\n\n\n<li>The correct IdentityFile is easy to reference in the config file<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Using <\/strong><strong>~\/.ssh\/config<\/strong><strong> for Faster Server Access<\/strong><\/h2>\n\n\n\n<p>The config file is used to simplify SSH connections by setting aliases and pointing to the correct key files. For example:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>Host clientA-dev\n    HostName 167.xxx.xxx.101\n    User root\n    IdentityFile ~\/.ssh\/clientA\/01_do_clientA_dev_2024_ed25519\n\nHost clientA-prod\n    HostName 167.xxx.xxx.102\n    User root\n    IdentityFile ~\/.ssh\/clientA\/02_do_clientA_prod_2024_ed25519<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">Host<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">clientA-dev<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">HostName<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #B5CEA8\">167<\/span><span style=\"color: #CE9178\">.xxx.xxx.101<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">User<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">root<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">IdentityFile<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">~\/.ssh\/clientA\/01_do_clientA_dev_2024_ed25519<\/span><\/span>\n<span class=\"line\"><\/span>\n<span class=\"line\"><span style=\"color: #DCDCAA\">Host<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">clientA-prod<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">HostName<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #B5CEA8\">167<\/span><span style=\"color: #CE9178\">.xxx.xxx.102<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">User<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">root<\/span><\/span>\n<span class=\"line\"><span style=\"color: #D4D4D4\">    <\/span><span style=\"color: #DCDCAA\">IdentityFile<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">~\/.ssh\/clientA\/02_do_clientA_prod_2024_ed25519<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Now logging in becomes as simple as running:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>ssh clientA-prod<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #DCDCAA\">ssh<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #CE9178\">clientA-prod<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>No need to remember IP addresses or paths.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Adding zsh Aliases for Even Faster Commands<\/strong><\/h2>\n\n\n\n<p>macOS uses zsh by default. You can create shortcut aliases in your .zshrc file like this:<\/p>\n\n\n\n<div class=\"wp-block-kevinbatdorf-code-block-pro\" data-code-block-pro-font-family=\"Code-Pro-JetBrains-Mono\" style=\"font-size:.875rem;font-family:Code-Pro-JetBrains-Mono,ui-monospace,SFMono-Regular,Menlo,Monaco,Consolas,monospace;line-height:1.25rem;--cbp-tab-width:2;tab-size:var(--cbp-tab-width, 2)\"><span style=\"display:flex;align-items:center;padding:10px 0px 10px 16px;margin-bottom:-2px;width:100%;text-align:left;background-color:#2b2b2b;color:#c7c7c7\">Bash<\/span><span role=\"button\" tabindex=\"0\" style=\"color:#D4D4D4;display:none\" aria-label=\"Copy\" class=\"code-block-pro-copy-button\"><pre class=\"code-block-pro-copy-button-pre\" aria-hidden=\"true\"><textarea class=\"code-block-pro-copy-button-textarea\" tabindex=\"-1\" aria-hidden=\"true\" readonly>alias a-dev=\"ssh clientA-dev\"\n\nalias a-prod=\"ssh clientA-prod\"<\/textarea><\/pre><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" style=\"width:24px;height:24px\" fill=\"none\" viewBox=\"0 0 24 24\" stroke=\"currentColor\" stroke-width=\"2\"><path class=\"with-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2m-6 9l2 2 4-4\"><\/path><path class=\"without-check\" stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M9 5H7a2 2 0 00-2 2v12a2 2 0 002 2h10a2 2 0 002-2V7a2 2 0 00-2-2h-2M9 5a2 2 0 002 2h2a2 2 0 002-2M9 5a2 2 0 012-2h2a2 2 0 012 2\"><\/path><\/svg><\/span><pre class=\"shiki dark-plus\" style=\"background-color: #1E1E1E\" tabindex=\"0\"><code><span class=\"line\"><span style=\"color: #569CD6\">alias<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #9CDCFE\">a-dev<\/span><span style=\"color: #D4D4D4\">=<\/span><span style=\"color: #CE9178\">&quot;ssh clientA-dev&quot;<\/span><\/span>\n<span class=\"line\"><\/span>\n<span class=\"line\"><span style=\"color: #569CD6\">alias<\/span><span style=\"color: #D4D4D4\"> <\/span><span style=\"color: #9CDCFE\">a-prod<\/span><span style=\"color: #D4D4D4\">=<\/span><span style=\"color: #CE9178\">&quot;ssh clientA-prod&quot;<\/span><\/span><\/code><\/pre><\/div>\n\n\n\n<p>Typing <mark style=\"background-color:#e4e4e4\" class=\"has-inline-color has-black-color\"> a-dev <\/mark> in Terminal will immediately connect you to the development server.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Auditing and Maintaining Your SSH Folder (Every 3 to 6 Months)<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Review your ~\/.ssh\/config entries to confirm they are still valid<\/li>\n\n\n\n<li>Check remote server authorized_keys to ensure matching .pub files are still needed<\/li>\n\n\n\n<li>Delete old or unused key pairs (client work that has finished)<\/li>\n\n\n\n<li>Back up the complete .ssh\/ folder in a private Git repository or encrypted password manager<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Conclusion: A Clean SSH Workflow Saves Time and Reduces Risk<\/strong><\/h2>\n\n\n\n<p>Keeping your ~\/.ssh\/ directory organized is essential for anyone who regularly connects to client servers from macOS. <\/p>\n\n\n\n<p>With clear naming structures, per\u2011client folders, a good config setup, and zsh aliases, you can work faster, reduce errors, and stay secure over the long term.<\/p>\n\n\n\n<p>If you need help setting up your server, generating SSH keys, or maintaining WordPress and email VPS systems, feel free to contact:<\/p>\n\n\n\n<p class=\"has-text-align-center has-white-color has-text-color has-background has-link-color wp-elements-20101b72eb4f6e76907b0c59e35759d4\" style=\"background-color:#272590\"><strong><a href=\"https:\/\/saidwp.com\/jasa\/\" target=\"_blank\" rel=\"noreferrer noopener\">    &#8211; Order Jasa SaidWP &#8211; <\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why macOS Sysadmins Need Organized SSH Key Management As a sysadmin, devops engineer, or freelancer that handles several client servers daily, SSH is a core tool. However, as clients and servers grow, the ~\/.ssh\/ folder can become messy and confusing, leading to incorrect logins, using the wrong keys, and potential security issues. This article explains [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6253,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[244],"tags":[97,168,127,128],"class_list":["post-6260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-en","tag-macos","tag-server","tag-ssh","tag-zsh"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP<\/title>\n<meta name=\"description\" content=\"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP\" \/>\n<meta property=\"og:description\" content=\"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog | SaidWP\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-04T02:51:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-04T02:51:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"SaidWP - Post\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"SaidWP - Post\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/\"},\"author\":{\"name\":\"SaidWP - Post\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/#\\\/schema\\\/person\\\/fd2527877c2f4049e1f118c039ed4f8d\"},\"headline\":\"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins\",\"datePublished\":\"2025-08-04T02:51:56+00:00\",\"dateModified\":\"2025-08-04T02:51:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/\"},\"wordCount\":607,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/s3.nevaobjects.id\\\/saidwp-blog\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/03200810\\\/saidwp-ssh-key-management-sysadmin.webp\",\"keywords\":[\"MacOS\",\"Server\",\"SSH\",\"ZSH\"],\"articleSection\":[\"En\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/\",\"url\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/\",\"name\":\"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/s3.nevaobjects.id\\\/saidwp-blog\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/03200810\\\/saidwp-ssh-key-management-sysadmin.webp\",\"datePublished\":\"2025-08-04T02:51:56+00:00\",\"dateModified\":\"2025-08-04T02:51:57+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/#\\\/schema\\\/person\\\/fd2527877c2f4049e1f118c039ed4f8d\"},\"description\":\"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#primaryimage\",\"url\":\"https:\\\/\\\/s3.nevaobjects.id\\\/saidwp-blog\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/03200810\\\/saidwp-ssh-key-management-sysadmin.webp\",\"contentUrl\":\"https:\\\/\\\/s3.nevaobjects.id\\\/saidwp-blog\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/03200810\\\/saidwp-ssh-key-management-sysadmin.webp\",\"width\":1024,\"height\":1024,\"caption\":\"ssh key management sysadmin\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/en\\\/ssh-key-management-macos-sysadmin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/\",\"name\":\"Blog | SaidWP\",\"description\":\"Jasa WP-nya si Said\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/#\\\/schema\\\/person\\\/fd2527877c2f4049e1f118c039ed4f8d\",\"name\":\"SaidWP - Post\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g\",\"caption\":\"SaidWP - Post\"},\"url\":\"https:\\\/\\\/saidwp.com\\\/blog\\\/author\\\/saidwp-post\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP","description":"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/","og_locale":"en_US","og_type":"article","og_title":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP","og_description":"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.","og_url":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/","og_site_name":"Blog | SaidWP","article_published_time":"2025-08-04T02:51:56+00:00","article_modified_time":"2025-08-04T02:51:57+00:00","og_image":[{"width":1024,"height":1024,"url":"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp","type":"image\/webp"}],"author":"SaidWP - Post","twitter_card":"summary_large_image","twitter_misc":{"Written by":"SaidWP - Post","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#article","isPartOf":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/"},"author":{"name":"SaidWP - Post","@id":"https:\/\/saidwp.com\/blog\/#\/schema\/person\/fd2527877c2f4049e1f118c039ed4f8d"},"headline":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins","datePublished":"2025-08-04T02:51:56+00:00","dateModified":"2025-08-04T02:51:57+00:00","mainEntityOfPage":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/"},"wordCount":607,"commentCount":0,"image":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#primaryimage"},"thumbnailUrl":"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp","keywords":["MacOS","Server","SSH","ZSH"],"articleSection":["En"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/","url":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/","name":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins - Blog | SaidWP","isPartOf":{"@id":"https:\/\/saidwp.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#primaryimage"},"image":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#primaryimage"},"thumbnailUrl":"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp","datePublished":"2025-08-04T02:51:56+00:00","dateModified":"2025-08-04T02:51:57+00:00","author":{"@id":"https:\/\/saidwp.com\/blog\/#\/schema\/person\/fd2527877c2f4049e1f118c039ed4f8d"},"description":"Learn the basics of managing multiple SSH keys on macOS for sysadmins handling many client servers. Covers naming, folder structuring, config usage, and zsh aliases.","breadcrumb":{"@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#primaryimage","url":"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp","contentUrl":"https:\/\/s3.nevaobjects.id\/saidwp-blog\/blog\/wp-content\/uploads\/2025\/08\/03200810\/saidwp-ssh-key-management-sysadmin.webp","width":1024,"height":1024,"caption":"ssh key management sysadmin"},{"@type":"BreadcrumbList","@id":"https:\/\/saidwp.com\/blog\/en\/ssh-key-management-macos-sysadmin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/saidwp.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Basic SSH Key Management on macOS for Multi\u2011Client Sysadmins"}]},{"@type":"WebSite","@id":"https:\/\/saidwp.com\/blog\/#website","url":"https:\/\/saidwp.com\/blog\/","name":"Blog | SaidWP","description":"Jasa WP-nya si Said","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/saidwp.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/saidwp.com\/blog\/#\/schema\/person\/fd2527877c2f4049e1f118c039ed4f8d","name":"SaidWP - Post","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4253b93fa2ef3d268d63a481385921f1985a291cfbe522e59724772966193f17?s=96&d=mm&r=g","caption":"SaidWP - Post"},"url":"https:\/\/saidwp.com\/blog\/author\/saidwp-post\/"}]}},"_links":{"self":[{"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/posts\/6260","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/comments?post=6260"}],"version-history":[{"count":1,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/posts\/6260\/revisions"}],"predecessor-version":[{"id":6261,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/posts\/6260\/revisions\/6261"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/media\/6253"}],"wp:attachment":[{"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/media?parent=6260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/categories?post=6260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saidwp.com\/blog\/wp-json\/wp\/v2\/tags?post=6260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}