Retrieve TTL of key from the agent

Ángel González keisial at
Tue Dec 11 06:50:41 EST 2012

On 10/12/12 18:50, Tim Heckman wrote:
> Hello,
> I'm writing a system to maintain keys within an SSH agent, and all of these
> keys will only remain in the agent for a short amount of time. This is done
> to limit access to that key for a short period, as well as to avoid the
> agent from being cluttered up with a large number of unique SSH keys.
> This system decrypts the SSH keys on the disk and then loads them in to the
> agent. I would like to be able to get the key's TTL so I can decide if it's
> worth decrypting the key again and loading it in to the agent, or if I
> should just use the key already in the agent.
> So in short, is there a way to get the TTL for a key in the agent?
> Thanks!
Hello Tim,
I think there's no message to query the TTL (ie. no).
I'm not sure why you need to decide that in advance, though. Can't you just
use it if it's in the agent or else load it?

More information about the openssh-unix-dev mailing list