Retrieve TTL of key from the agent

Tim Heckman tim+ssh at timheckman.net
Tue Dec 11 10:10:24 EST 2012


On Monday, December 10, 2012 at 2:50 PM, Ángel González wrote:



> Hello Tim,
> I think there's no message to query the TTL (i.e. no).
> I'm not sure why you need to decide that in advance, though. Can't you just
> use it if it's in the agent or else load it?


On Monday, December 10, 2012 at 4:29 PM, Damien Miller wrote:



> No - the agent protocol (detailed in PROTOCOL.agent) doesn't offer any way
> to export this information.
>
> -d

What I'm working on is to allow users access to a system for a short period of time without them actually having read/write access to where the keys are stored. There will also be a slight delay between my system checking the status of the agent and the user attempting to connect. As such, there is a window (albeit short) where the key could be gone but the user doesn't know about it.

I was trying to be slick and not have to decrypt the SSH key on each request if the key already exists in the agent. However, I think the best option would be to just add the key each time.

Thank you very much for getting back to me, Ángel and Damien. Hope you two have great holidays and an awesome 2013. :)

-Tim
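
Added example, not part of the original thread or of OpenSSH: a Python sketch of the two agent messages involved, using the framing and message numbers from PROTOCOL.agent. It parses a constructed SSH2_AGENT_IDENTITIES_ANSWER, which carries only a key blob and a comment per key, and builds the lifetime constraint that a client sends when adding a key; the sample blob and comment are made up.

```python
import struct

# Message number and constraint type as listed in OpenSSH's PROTOCOL.agent.
SSH2_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENT_CONSTRAIN_LIFETIME = 1

def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def read_string(buf: bytes, off: int):
    """Decode one SSH string at offset off; return (bytes, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end

def parse_identities_answer(packet: bytes):
    """Parse a framed identities answer into (key_blob, comment) pairs."""
    body, end = read_string(packet, 0)  # agent packets use the same framing
    if end != len(packet) or len(body) < 5 or body[0] != SSH2_AGENT_IDENTITIES_ANSWER:
        raise ValueError("not an identities answer")
    (nkeys,) = struct.unpack_from(">I", body, 1)
    off, keys = 5, []
    for _ in range(nkeys):
        blob, off = read_string(body, off)
        comment, off = read_string(body, off)
        keys.append((blob, comment.decode("utf-8", "replace")))
    if off != len(body):
        raise ValueError("trailing bytes after last key")
    return keys  # no lifetime field exists to return

def lifetime_constraint(seconds: int) -> bytes:
    """Constraint bytes appended to an SSH2_AGENTC_ADD_ID_CONSTRAINED request."""
    return struct.pack(">BI", SSH_AGENT_CONSTRAIN_LIFETIME, seconds)

# Constructed sample reply: one key with a placeholder blob, not a real key.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(b"\x00" * 32)
SAMPLE_PACKET = ssh_string(bytes([SSH2_AGENT_IDENTITIES_ANSWER])
                           + struct.pack(">I", 1)
                           + ssh_string(SAMPLE_BLOB) + ssh_string(b"tim@example"))

if __name__ == "__main__":
    for blob, comment in parse_identities_answer(SAMPLE_PACKET):
        print(len(blob), comment)
    print(lifetime_constraint(300).hex())
```

The lifetime travels one way only, from client to agent, which is why re-adding the key with a fresh lifetime on each request is the workable approach.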

