[Bug 2524] New: config file option to limit the lifetime of added keys

bugzilla-daemon at bugzilla.mindrot.org
Tue Jan 12 20:39:57 AEDT 2016


https://bugzilla.mindrot.org/show_bug.cgi?id=2524

            Bug ID: 2524
           Summary: config file option to limit the lifetime of added keys
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: 68k
                OS: Mac OS X
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-agent
          Assignee: unassigned-bugs at mindrot.org
          Reporter: spamfaenger at gmx.de

When using ssh-agent I really want all keys that are added to it to
have a lifetime of just x seconds (60 in my case) to prevent me from
accidentally adding a key for the lifetime of ssh-agent and thus risk
compromising it when I log in to a compromised machine without knowing
so.

Of course I already only enable forwarding when I need to, but it would
be a really nice second line of defense when I also have to add the key
in question to ssh-agent when I need to.

There is already 'ssh-agent -t 60 ~/.ssh/some_key' and there is also
'ssh-agent -t 60' - but as far as I can figure out there is no value
that I can set in my ~/.ssh/config that will ensure that this is set.

And that's what I want.
