How can I make SSH with an identity file always demand a password?

hvjunk hvjunk at
Sun Aug 22 07:29:49 AEST 2021

> On 21 Aug 2021, at 22:19 , matthewhtb at wrote:
> Hello,
> I hope my question is apt for this list.
> I am using OpenSSH_8.2p1 on Ubuntu 20.04.
> I connect to a remote SSH server with the -i /path/to/file identity file
> option. My local machine asks me for a password for the identity file.
> This is because I created a password when using ssh-keygen.
> However, after I exit from the SSH server, and log back in I am not asked
> for a password. Some kind of caching is happening.

It gets loaded into the ssh-agent for things ssh forwarding

> Is there a way to force the password to be asked on every occasion when
> using an identity file?

unload it from the ssh agent, or remove the ssh agent.

> I have searched but it looks as if everyone wants to avoid using
> passwords, not deliberately attempting to use them.

jumping twenty times an hour between 100 different instances behind jumphosts, you do tend to
focus on only protecting the ssh-agent/key when you aren’t at your desk or the laptop/etc. gets stolen, not while you need to
connect to lots of hosts to type in that 20+ character pass phrase.

I recall there are various settings in the GUI/desktop managers to unload the keys when the screen locker activates

More information about the openssh-unix-dev mailing list