强制 ssh 私钥每次都使用密码
[英]Force ssh private key to use passphrase everytime
问题描述
I have some clients with ssh-key based access to servers with passphrase.
我有一些客户端使用基于 ssh 密钥的密码访问服务器。 On clients the passphrase is prompted only for the first time or when client system are rebooted.在客户端上,仅在第一次或重新启动客户端系统时才会提示密码。
Is it possible to force clients to enter passphrase everytime they try to connect to servers?是否可以强制客户端每次尝试连接到服务器时输入密码?
1 个解决方案
解决方案1
1 2011-06-28 06:01:15
Unless you have control over the clients' systems, not really.除非您可以控制客户的系统,否则并非如此。 Typically client systems run a ssh authentication agent that stores the unlocked ssh keys as long as they are logged in. You didn't specify what OS your clients use, in Linux/Unix-distros this is typically achieved with the ssh-agent program included with openssh.通常,客户端系统运行ssh 身份验证代理,只要它们登录,就会存储解锁的 ssh 密钥。您没有指定客户端使用的操作系统,在 Linux/Unix 发行版中,这通常是通过包含的ssh-agent程序实现的与openssh。 OS X integrates the ssh agent in its own Keychain, and in Windows people use eg Pageant that is available from the PuTTY site. OS X 在自己的钥匙串中集成了 ssh 代理,在 Windows 中,人们使用例如从 PuTTY 站点获得的 Pageant。 As this is handled completely in the client side, you can't prevent it from happening from your SSH server configuration unless you disable public key authentication, which is probably not what you want.由于这完全在客户端处理,因此您无法从 SSH 服务器配置中阻止它发生,除非您禁用公钥身份验证,这可能不是您想要的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.