On demand ssh access

So I have that access to production environment given by my sysadmin, but I do not trust myself. The setup is with private/public keys.

I am looking for a way to make a manual operation before authorizing me to connect to that production environnement like retyping a password or manipulating some files. Anything that I have to do manually will do the job.

Do you have any suggesion?

(Oh, and I am running OS X)

If it isn't already, encrypt your private key, so that you have to type your passphrase when you connect. You can do this with:

openssl rsa -in <old key file> -out <new key file> -aes256

Once you've confirmed it works, delete the unencrypted version.

Also, Ensure that the user you're logging in as has minimal privilges over the production system. Don't log in as (or make frequent use of) root. Ask your sysadmin to set up sudo for any high-privilege commands you do want to run.

Finally, don't bother putting any custom hoops in your own way. Very quickly, you'll get so used to them, that you'll autonomically jump through them without actually doing the thinking that it was supposed to prompt. Far better to just take general care with what you're doing.

That said, as a useful visual clue, setting up the shell background or text to be a different clour can help you rememeber which system you're on.

Setting a passphrase on your private key would satisfy your requirements.

edit: Perhaps a passphrase on a second private key so you aren't as likely to use an SSH agent to cache the authorisation.