question about pubkey and passphrase

Fox, Kevin M Kevin.Fox at
Tue Feb 11 04:05:30 AEDT 2020

Ultimately, any client can say whatever it wants to the server. So it would be impossible to 100% guarantee that.

From: openssh-unix-dev < at> on behalf of Harald Dunkel <harald.dunkel at>
Sent: Monday, February 10, 2020 6:10 AM
To: openssh-unix-dev at
Subject: question about pubkey and passphrase

Hi folks,

Since Docker can bind-mount every .ssh directory I am looking for
some way to forbid unprotected private keys.

AFAICS it is currently not possible on the sshd to verify that
the peer's private key was protected by a passphrase. Can you


openssh-unix-dev mailing list
openssh-unix-dev at

More information about the openssh-unix-dev mailing list