Q: How to force OSX to ask for ssh key passphrase each time?
Hi There,
Title says it all really - is there a way to force OSX to ask for a ssh passphrase each time it's accessed?
We haven't ticked the option to save passphrases into the keychain and require an extra level of security - is this possible?
Cheers
Ben
Posted on Oct 5, 2014 2:52 PM
Awesome Drew - that totally got it sorted!
OSX doesn't ask for the passphrase via the GUI (as per previously) which is not an issue but otherwise it's exactly what I'm after.
For anyone wondering, these are the steps that worked for me:
- Open Terminal
- Unload the ssh-agent.plist file (don't copy $):
$ launchctl unload /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist
- Edit the .plist file (must be done using sudo, upi will be asked for your admin password):
$ sudo nano /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist
- Add the time strings to the programme arguments so it looks like:
…
<key>ProgramArguments</key>
<array>
<string>/usr/bin/ssh-agent</string>
<string>-l</string>
<string>-t</string>
<string>10</string>
</array>
…
- CTR + X then y enter to save the file
- Load the the ssh-agent.plist file:
$ launchctl load /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist
I used a value of 10 which basically means it will always ask for the passphrase each time I connect to the server
Thanks heaps Drew, I've made my post the answer so it's super clear what to do incase anyone searches for this - hope you don't mind.
Cheers
Ben
Posted on Oct 8, 2014 3:43 PM