Answers to this question explain how to have SSH passphrases added to the keychain when they are entered. Having recently upgraded from a previous version of OSX, I'm used to the passphrases being stored in memory but not in persistent storage. If setting UseKeychain yes causes passphrases to be stored to disk, is there a way to prevent this? IE I'd like to avoid having to re-enter them except after having rebooted. It seems less than ideal to store a passphrase in a location protected with a potentially less secure password.
Asked
Active
Viewed 375 times
1
intuited
- 1,022
1 Answers
2
Set UseKeychain no (the default) and run ssh-add without the -K option.
Note that this does not store the pass phrase in memory; instead, it causes ssh-agent to keep the decrypted key in memory, and subsequent uses of ssh will then work without the need to supply the pass phrase.
If you already have the pass phrase stored in the keychain, you'd need to use the Keychain Access application to find the pass phrase and delete it.
Harald Hanche-Olsen
- 4,149