Re: Enforce Passphrase on keys



On Thu, Jul 3, 2008 at 7:31 AM, Michael Wisniewski <wiz561@xxxxxxxxx> wrote:
However, how does one go about implementing this if their private key
is on the local system? If the private key is on your server, you
could probably put it in a login script. But being that it is on the
local system, how would you go about verifying the passphrase?

This is not possible. The status of the private key is not passed across
the ssh connection.

I have seen people create a "bastion" host, that allows ssh login, but with
passwords only. Then allow key based auth from there. This gave the
capability of controlling the private key environment.

--
And, did Galoka think the Ulus were too ugly to save?
-Centauri



Relevant Pages

  • Re: Enforce Passphrase on keys
    ... I've been trying to dig around and find a way to enforce passphrases ... on private keys when you authenticate. ... how does one go about implementing this if their private key ... local system, how would you go about verifying the passphrase? ...
    (SSH)
  • Enforce Passphrase on keys
    ... I've been trying to dig around and find a way to enforce passphrases ... how does one go about implementing this if their private key ... local system, how would you go about verifying the passphrase? ... My idea is to have the server deny the connection if a ...
    (SSH)