"If you know you want to use password authentication, you can prevent SSH from offering keys at all by temporarily disabling your SSH_AUTH_SOCK envorionment variable"
I'm not sure that's quite true. From some testing, it seems the only effect that has is to temporarily disable the agent from getting involved. If you were to specify a different private key with the -i flag, ssh would authenticate you with that, and possibly not have to prompt you for a password.
In any case, temporarily disabling the SSH_AUTH_SOCK var was just what I need to solve a different problem, so thanks a lot for the great article!
"If you know you want to use password authentication, you can prevent SSH from offering keys at all by temporarily disabling your SSH_AUTH_SOCK envorionment variable"
I'm not sure that's quite true. From some testing, it seems the only effect that has is to temporarily disable the agent from getting involved. If you were to specify a different private key with the -i flag, ssh would authenticate you with that, and possibly not have to prompt you for a password.
In any case, temporarily disabling the SSH_AUTH_SOCK var was just what I need to solve a different problem, so thanks a lot for the great article!
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1812/786#786