[Bug 3145] New: Report on expired certificates in agent when using "ssh-add -l" or "ssh-add -L"

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Apr 8 07:10:31 AEST 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3145

            Bug ID: 3145
           Summary: Report on expired certificates in agent when using
                    "ssh-add -l" or "ssh-add -L"
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-add
          Assignee: unassigned-bugs at mindrot.org
          Reporter: paullkapp at gmail.com

Alternative approach to enhancement in
https://bugzilla.mindrot.org/show_bug.cgi?id=2675

Include in the output of "ssh-add -l" and "ssh-add -L" indicators that
a certificate in the agent is beyond the ValidUntil datetime value,
giving explicit notification that the user should probably delete and
renew an expired certificate.

Currently, ssh-add -l gives no visible distinction that a certificate
listed is (potentially) no longer valid.  Since the actual validity
check is done on the server side, local time checks may not be 100%
accurate in determining the actual validity of a given time-bounded
certificate, so an informational message from the client-side seems
appropriate.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list