Re: How can I make SSH with an identity file always demand a password?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> On 21 Aug 2021, at 22:19 , matthewhtb@xxxxxxxxxxxxx wrote:
> 
> Hello,
> 
> I hope my question is apt for this list.
> 
> I am using OpenSSH_8.2p1 on Ubuntu 20.04.
> 
> I connect to a remote SSH server with the -i /path/to/file identity file
> option. My local machine asks me for a password for the identity file.
> This is because I created a password when using ssh-keygen.
> 
> However, after I exit from the SSH server, and log back in I am not asked
> for a password. Some kind of caching is happening.

It gets loaded into the ssh-agent for things ssh forwarding

> Is there a way to force the password to be asked on every occasion when
> using an identity file?

unload it from the ssh agent, or remove the ssh agent.

> I have searched but it looks as if everyone wants to avoid using
> passwords, not deliberately attempting to use them.

jumping twenty times an hour between 100 different instances behind jumphosts, you do tend to
focus on only protecting the ssh-agent/key when you aren’t at your desk or the laptop/etc. gets stolen, not while you need to
connect to lots of hosts to type in that 20+ character pass phrase.

I recall there are various settings in the GUI/desktop managers to unload the keys when the screen locker activates
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux