[Bug 3311] Certificate validity "forever" is not documented in PROTOCOL.certkeys

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu May 13 20:43:55 AEST 2021


--- Comment #3 from Damien Miller <djm at mindrot.org> ---
"forever" in ssh-keygen sets valid_after=0 and
valid_before=0xffffffffffffffff, so that's not the case you're talking
about here unless you're considering wall clock times before 1970 or
many billions of years in the future:

The other case has nothing to do with certificates (note that the
'opts' variable here is not a key, but another type). It is to support
the authorized_keys "expiry-time" keyword:

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list