Force ssh private key to use passphrase everytime
I have some clients with ssh-key based access to servers with passphrase. On clients the passphrase is prompted only for the first time or when client system are rebooted.
Is it possible to force clients to enter passphrase everytime 开发者_如何学JAVAthey try to connect to servers?
Unless you have control over the clients' systems, not really. Typically client systems run a ssh authentication agent that stores the unlocked ssh keys as long as they are logged in. You didn't specify what OS your clients use, in Linux/Unix-distros this is typically achieved with the ssh-agent program included with openssh. OS X integrates the ssh agent in its own Keychain, and in Windows people use e.g. Pageant that is available from the PuTTY site. As this is handled completely in the client side, you can't prevent it from happening from your SSH server configuration unless you disable public key authentication, which is probably not what you want.
精彩评论