MacOS 10.12 Sierra will not forget the ssh keyfile passphrase


After creating a new encrypted id-rsa key file with ssh-keygen and using it for the first time, I cannot get macOS to forget the passphrase. This is similar to the "How to make OS X not remember ssh key passphrase" question, but worse.

I tried rebooting, killing the ssh-agent, and locking all my keychains, but it still seems to be stored somewhere. However, I cannot find it in any keychain. This seems to be very insecure. The answers to "SSH private key password never removed with Keychain/ssh-agent" also do not help.

In fact, the dialog that used to appear asking you whether you wanted to store the passphrase or not does not seem to exist anymore.

Best Answer

To disable storing the passphrase in the keychain, add the following lines to the ~/.ssh/config file:

Host *
    UseKeyChain no

If you already have a passphrase stored in the keychain, you can delete it using these commands:

cd ~/Library/Keychains/<UUID>/
sqlite3 keychain-2.db "delete from genp where agrp='com.apple.ssh.passphrases'"

If you would like the behavior of OS X El Capitan or earlier (i.e. the passphrase is stored until logout or restart), simply add this to ~/.ssh/config:

AddKeysToAgent yes

You don't need to start ssh-agent.
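
One thing to check after adding the `Host *` block: ssh uses the first value it obtains for each option, so an earlier, more specific `Host` block can still set `UseKeychain yes`. The following is an added example, not part of the original answer, that reports the value a given host would get; the function name `effective_opt` and the sample config are constructed for illustration, and `Match` blocks and quoted arguments are not evaluated.

```shell
# effective_opt FILE HOST OPTION
# Print the first value of OPTION (case-insensitive) that applies to HOST in
# an ssh_config-style FILE; return 1 if the option is never set for HOST.
effective_opt() {
    _file=$1; _host=$2
    _want=$(printf '%s' "$3" | tr '[:upper:]' '[:lower:]')
    _active=1                       # lines before the first Host apply to all
    while IFS= read -r _line || [ -n "$_line" ]; do
        set -f                      # keep "*" in patterns from globbing files
        set -- $(printf '%s' "$_line" | tr '=' ' ')
        set +f
        [ $# -eq 0 ] && continue    # blank line
        case $1 in \#*) continue ;; esac
        _key=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]'); shift
        case $_key in
        host)
            _active=0; _neg=0
            for _pat in "$@"; do
                case $_pat in
                !*) case $_host in ${_pat#!}) _neg=1 ;; esac ;;
                *)  case $_host in $_pat) _active=1 ;; esac ;;
                esac
            done
            [ "$_neg" -eq 1 ] && _active=0 ;;   # a negated match excludes
        match)
            _active=0 ;;            # assumption: Match blocks are skipped
        "$_want")
            if [ "$_active" -eq 1 ]; then printf '%s\n' "$1"; return 0; fi ;;
        esac
    done < "$_file"
    return 1
}

# Constructed sample config: the earlier block overrides the later "Host *".
cfg=$(mktemp)
trap 'rm -f "$cfg"' EXIT
cat > "$cfg" <<'EOF'
# constructed sample, not from the original post
Host build-*
    UseKeychain yes
Host *
    UseKeyChain no
    AddKeysToAgent yes
EOF

for h in build-01 example.org; do
    printf '%s: UseKeychain=%s\n' "$h" "$(effective_opt "$cfg" "$h" UseKeychain)"
done
```

To audit a real setup, call it as `effective_opt ~/.ssh/config <host> UseKeychain` for each host alias you connect to.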