¿Cómo puedo restaurar ssh en mi mac?

He roto ssh inicios de sesión sin contraseña en MacA y MacB en mi LAN. (Catalina y Monterey.) Quería escribir una receta sencilla, de poca paranoia y sin necesidad de entenderla, para configurar ssh sin contraseña para varios usuarios en dos Macs locales. Para empezar desde cero, borré ~/.ssh de cada usuario.

De los muchos artículos que encontré deduje que correr ssh-keygen (sin argumentos) en MacA y aceptando los valores por defecto, y luego copiando el ~/.ssh resultante a un usuario en MacB sería suficiente para permitirme entrar por ssh como ese usuario, así como para volver a entrar por ssh en MacA.

(Una fuente orientada a Linux mencionó el uso de ssh-copy-id para copiar las claves públicas/privadas a MacB. Encontré esto en /usr/bin y lo probé, pero todo lo que hizo fue crear un archivo en .ssh/ llamado authenticated_hosts -- no copió id_rsa o id_rsa.pub. Así que abandoné eso).

Como último esfuerzo utilicé homebrew para instalar openSSL, pero nada cambió.

En cualquier caso, una vez que tenía duplicado ~/.ssh en ambos usuarios, con los archivos de clave pública y privada en ambos y los permisos verificados (700 en .ssh, 600 en id_rsa y 644 en id_rsa.pub), probé a ejecutar ssh user@macb.local de MacA, pero siempre se me pide una contraseña.

Te agradecería que me echaras una mano. Aquí está la salida verbosa:

OpenSSH_9.0p1, OpenSSL 1.1.1n  15 Mar 2022
debug1: Reading configuration data /opt/homebrew/etc/ssh/ssh_config
debug1: Connecting to retsina.local [fe80::b79e:86e0:dfcc%en0] port 22.
debug1: Connection established.
debug1: identity file /Users/chap/.ssh/id_rsa type 0
debug1: identity file /Users/chap/.ssh/id_rsa-cert type -1
debug1: identity file /Users/chap/.ssh/id_ecdsa type -1
debug1: identity file /Users/chap/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/chap/.ssh/id_ecdsa_sk type -1
debug1: identity file /Users/chap/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /Users/chap/.ssh/id_ed25519 type -1
debug1: identity file /Users/chap/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/chap/.ssh/id_ed25519_sk type -1
debug1: identity file /Users/chap/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /Users/chap/.ssh/id_xmss type -1
debug1: identity file /Users/chap/.ssh/id_xmss-cert type -1
debug1: identity file /Users/chap/.ssh/id_dsa type -1
debug1: identity file /Users/chap/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.0
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.1
debug1: compat_banner: match: OpenSSH_8.1 pat OpenSSH* compat 0x04000000
debug1: Authenticating to retsina.local:22 as 'chap'
debug1: load_hostkeys: fopen /Users/chap/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /opt/homebrew/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /opt/homebrew/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:LPhM+eeposmTyzQiRXnh92AUZr/9MIrMgiW3VjLHCQM
debug1: load_hostkeys: fopen /Users/chap/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /opt/homebrew/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /opt/homebrew/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'retsina.local' is known and matches the ED25519 host key.
debug1: Found key in /Users/chap/.ssh/known_hosts:1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: get_agent_identities: ssh_fetch_identitylist: agent contains no identities
debug1: Will attempt key: /Users/chap/.ssh/id_rsa RSA SHA256:sEwBJnORX9BWQ5itF6CoX36w7jcl6E0Lcnkunvh4ew8
debug1: Will attempt key: /Users/chap/.ssh/id_ecdsa
debug1: Will attempt key: /Users/chap/.ssh/id_ecdsa_sk
debug1: Will attempt key: /Users/chap/.ssh/id_ed25519
debug1: Will attempt key: /Users/chap/.ssh/id_ed25519_sk
debug1: Will attempt key: /Users/chap/.ssh/id_xmss
debug1: Will attempt key: /Users/chap/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/chap/.ssh/id_rsa RSA SHA256: [HIDDEN]
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Trying private key: /Users/chap/.ssh/id_ecdsa
debug1: Trying private key: /Users/chap/.ssh/id_ecdsa_sk
debug1: Trying private key: /Users/chap/.ssh/id_ed25519
debug1: Trying private key: /Users/chap/.ssh/id_ed25519_sk
debug1: Trying private key: /Users/chap/.ssh/id_xmss
debug1: Trying private key: /Users/chap/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
(chap@retsina.local) Password: