Re: Enforce Passphrase on keys

On Thu, Jul 3, 2008 at 7:31 AM, Michael Wisniewski <wiz561@xxxxxxxxx> wrote:
However, how does one go about implementing this if their private key
is on the local system? If the private key is on your server, you
could probably put it in a login script. But being that it is on the
local system, how would you go about verifying the passphrase?

This is not possible. The status of the private key is not passed across
the ssh connection.

I have seen people create a "bastion" host that allows ssh login, but with
passwords only. Then allow key-based auth from there. This gave the
capability of controlling the private key environment.
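
An added example, not part of the original message: on a bastion host where the private keys live on a system the administrator controls, the key files themselves can be audited for a missing passphrase. The function names and the header-only sample keys are assumptions made for illustration; the check covers legacy PEM keys, PKCS#8, and the current `openssh-key-v1` format.

```python
import base64, os, struct

MAGIC = b"openssh-key-v1\x00"

def key_is_encrypted(text):
    """True if a private key file's content is passphrase-protected."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 2 or not (lines[0].startswith("-----BEGIN ")
                              and lines[0].endswith("PRIVATE KEY-----")):
        raise ValueError("not a PEM private key")
    label = lines[0][len("-----BEGIN "):-len("-----")]
    if label == "ENCRYPTED PRIVATE KEY":          # PKCS#8, always encrypted
        return True
    if label == "OPENSSH PRIVATE KEY":            # cipher name follows magic
        blob = base64.b64decode("".join(l for l in lines[1:] if not l.startswith("-----")))
        if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 4:
            raise ValueError("malformed openssh-key-v1 blob")
        off = len(MAGIC)
        (n,) = struct.unpack(">I", blob[off:off + 4])
        return blob[off + 4:off + 4 + n] != b"none"
    # Legacy PEM (RSA/DSA/EC): encryption is flagged in a Proc-Type header.
    return any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:])

def unprotected_keys(root):
    """Paths under root holding a private key with no passphrase."""
    found = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="ascii", errors="replace") as fh:
                    if not key_is_encrypted(fh.read(65536)):
                        found.append(path)
            except (ValueError, OSError):
                continue                          # not a key, or unreadable
    return sorted(found)

def sample_openssh(cipher):
    """Constructed header-only sample (no key material) for demonstration."""
    blob = MAGIC + struct.pack(">I", len(cipher)) + cipher
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n"
            + base64.b64encode(blob).decode() + "\n-----END OPENSSH PRIVATE KEY-----\n")
```

This only reports whether a key file is encrypted at rest; it says nothing about the strength of the passphrase, and it cannot see keys kept on machines outside the bastion.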

