Saturday, August 4, 2012

Password-Free SSH on OS X Mountain Lion

I had set up my home network with password-free ssh access between various Mac computers. But when I recently upgraded to OS X Mountain Lion, this stopped working.

Turns out /etc/sshd_config is modified during Mountain Lion installation. The following line gets unchecked:

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile      .ssh/authorized_keys

Once I had renamed ~/.ssh/authorized_keys2 to ~/.ssh/authorized_keys on my Mountain Lion computers, everything worked fine again.

Friday, July 6, 2012

Send Emails via Gmail from Terminal in Mac OS X Server

It took me a while to figure this out, so I'm hoping it might save somebody else the trouble of scouring the web for the relevant info. You can send emails from the Terminal in Mac OS X with the following commands:
 Subject: Hi there!
 This is the body of the email.
 This is another line in the email body.
 <ctrl + d>
Note: <enter> means hit the enter key, and <ctrl + d> means type 'd' while holding the control key.

However, this won't actually send an email unless you have a mail server running. As far as I can tell, you have two options for setting up a mail server - either churn out a series of incomprehensible commands in a Terminal window, or use Mac OS X Server's Server Admin utility to configure the Mail Service using a (somewhat) friendly GUI.

I went for the latter option - I just wanted to get this up and running using my gmail account with the minimum of fuss. Unfortunately, it didn't work right off the bat - having configured the gmail smtp server along with my username and password, I was seeing frustrating "Timed out" errors in the logs and my test mails weren't getting sent. Turns out some ISPs block port 25 - so I needed to specify port 587 in the hostname. Then I was getting some even more meaningless errors along the lines of "Must issue a STARTTLS command first". I mean what is that? Thankfully, google to the rescue again - this great blog had all the answers.

Step-By-Step Instructions

1. Launch the Server Admin utility, located in Applications/Server

2. In the Settings tab, fill in the settings as per the screenshot below. The Domain name and Host name are ignored, so just fill in anything. The key settings are highlighted in red:

Note: the gmail account you specify in the "Authenticate to relay with user name:" box will be used as the From Address for all emails you send from the command line.

3. Add the following lines to /etc/postfix/ (don't ask me why):
 smtp_tls_security_level = may
 smtp_sasl_security_options = noanonymous

That's it - you can now send mails from a Terminal window!

Update: Mountain Lion
30 Aug 2012

After upgrading to Mountain Lion and installing OS X Server, my mail stopped working. I had to make the following change to /Library/Server/Mail/Config/postfix/ to get it working again:
# Change this line:
#smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
# To this:
smtp_sasl_password_maps = hash:/Library/Server/Mail/Config/postfix/sasl/passwd

Hope it helps someone!

Update: Mountain Lion #2
23 Oct 2012

I've just had to reinstall OS X after a hard disk failure, and found that the above changes weren't sufficient to get command-line email working again. For Mountain Lion, after installing and starting OS X Server, and configuring the Mail service in the Server application to use the gmail SMTP relay, I had to do only the following on the command-line:
sudo vi /Library/Server/Mail/Config/postfix/
I changed this line:
# By default is 'no' so change to 'yes'
smtpd_use_tls = yes
And added the following two lines at the end:
# By default not included in the config, so add these lines
smtp_tls_security_level = may
smtp_sasl_security_options = noanonymous
After that, I stopped and started Mail using the Server application, and command-line email now worked correctly.