Prerequisites
You should definitely already be using Homebrew. And I quote:
Homebrew installs the stuff you need that Apple didn’t.
Brew provides a nice set of software that you can install and update easily via your command line:
brew update
brew upgrade
Also, for the following we need to add a so called tap, which is homebrew-speak for a repository that contains additional formulae (stuff that tells homebrew how to install more nice software for you). Let's tap into the dupes repo (contains only stuff that is replacing existing OS X stuff, if you install it, so be careful here):
brew tap homebrew/dupes
Also you should install the developer command line tools from Apple. You need them for compiling stuff (thanks to Franz for the hint):
xcode-select --install
New OpenSSL Version
To update OpenSSH we need a recent OpenSSL Version, get it by running
brew install openssl
Update OpenSSH
Now we can already install a fresh OpenSSH:
brew install openssh@6.8 --with-keychain-support
Yeah, done. Almost! We need to tell your OS X to recognize the new SSH installation. If you configured homebrew correctly, you should just be able to use the new ssh executable. Test so by ssh -V
, it should return something like this penSSH_6.9p1, LibreSSL 2.1.8
or a higher version number.
If not so, you probably didn't install homebrew correctly and maybe /usr/local/bin
is not in your PATH
. You get help by executing brew doctor
.
To make your system use the right version of ssh-agent
you need to modify a LaunchAgent file and tell it to search the new ssh-agent at /usr/local/bin
. Do easily so by
sudo sed -i '' 's/\/usr\/bin\/ssh-agent/\/usr\/local\/bin\/ssh-agent/' /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist
Now, add this little script helper to the end of your ~/.bash_profile
:
eval $(ssh-agent)
function cleanup {
echo \"Killing SSH-Agent\"
kill -9 $SSH_AGENT_PID
}
trap cleanup EXIT