How to disable SSH passphrase keychain saves in OS X Sierra
I like having my SSH passphrase stored for the duration of my MacBook session, so that I don't have to keep entering it every time I SSH into a server, but when I restart my computer I want to have to enter it again (I don't want my passphrase encrypted and stored on disk in the keychain). This wasn't the case until I upgraded from Mountain Lion to Sierra; ever since then, it has been permanently storing my passphrase in my keychain. I can open the keychain preferences and delete my SSH passphrase, but the next time I SSH into a server and it prompts me for my passphrase, it is immediately added to the keychain again.
How can I get back to what I had with mountain lion, where my passphrase would be stored for the duration of my MacBook session, but then I would need to reenter it the next time I turn my MacBook on again.
Solution 1:
There is a new option UseKeychain
in Sierra, which defaults to yes
and which is a reason for this behavior. If you do not like that, edit the configuration in ~/.ssh/config
(or create this file):
UseKeychain no
AddKeysToAgent yes
The second option will tell the SSH agent to store the keys, which has the same result as if you had used ssh-add
to enter your passphrase beforehand.