Retrieve TTL of key from the agent

Damien Miller djm at
Tue Dec 11 08:29:13 EST 2012

On Mon, 10 Dec 2012, Tim Heckman wrote:

> Hello,
> I'm writing a system to maintain keys within an SSH agent, and all of these
> keys will only remain in the agent for a short amount of time. This is done
> to limit access to that key for a short period, as well as to avoid the
> agent from being cluttered up with a large number of unique SSH keys.
> This system decrypts the SSH keys on the disk and then loads them in to the
> agent. I would like to be able to get the key's TTL so I can decide if it's
> worth decrypting the key again and loading it in to the agent, or if I
> should just use the key already in the agent.
> So in short, is there a way to get the TTL for a key in the agent?

No - the agent protocol (detailed in PROTOCOL.agent) doesn't offer any way
to export this information.


More information about the openssh-unix-dev mailing list