I'm using OpenSSH on Linux. For security reasons, when I load keys to the agent, I use the -t option to limit the time of availability of the keys (generally for 10 hours or so).
Is there any way to list all loaded keys with their "expiry" time?
As you can see in the ssh-agent protocol specification, there is no field that would expose the timeout to the client.
If you want to use an expiry time but do not want to care about adding them, there is the option AddKeysToAgent, which allows a key to be added to the agent when it is used for the first time.
There seems to be no way of listing the lifetime of loaded keys. See https://unix.stackexchange.com/questions/248452/detecting-the-remaining-lifetime-of-an-ssh-agent-identity
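
The protocol point made in the answers above, as an added example that is not part of the original posts: the agent's list reply carries only a key blob and a comment per identity, while the lifetime set by -t travels only in the add request. The sample reply and its key blobs are constructed placeholders.

```python
import struct

# Message and constraint numbers as defined in the ssh-agent protocol.
SSH_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENT_CONSTRAIN_LIFETIME = 1

def ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def lifetime_constraint(seconds: int) -> bytes:
    """Constraint appended to an add request by -t: type byte + uint32 seconds."""
    return struct.pack(">BI", SSH_AGENT_CONSTRAIN_LIFETIME, seconds)

def read_string(buf: bytes, off: int):
    """Decode one SSH 'string' at offset off; return (bytes, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from(">I", buf, off)
    end = off + 4 + n
    if end > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:end], end

def parse_identities_answer(payload: bytes):
    """Parse the list reply body (without the outer uint32 frame length)."""
    if len(payload) < 5 or payload[0] != SSH_AGENT_IDENTITIES_ANSWER:
        raise ValueError("not an SSH_AGENT_IDENTITIES_ANSWER")
    (nkeys,) = struct.unpack_from(">I", payload, 1)
    off, keys = 5, []
    for _ in range(nkeys):
        blob, off = read_string(payload, off)
        comment, off = read_string(payload, off)
        keys.append({"key_blob": blob, "comment": comment.decode("utf-8", "replace")})
    if off != len(payload):
        # Nothing follows the last comment: no slot for a remaining lifetime.
        raise ValueError("trailing bytes after last identity")
    return keys

# Constructed sample reply: two identities with placeholder key blobs.
SAMPLE = bytes([SSH_AGENT_IDENTITIES_ANSWER]) + struct.pack(">I", 2) + b"".join(
    ssh_string(blob) + ssh_string(comment)
    for blob, comment in [(b"blob-one", b"user@laptop"), (b"blob-two", b"deploy")]
)

if __name__ == "__main__":
    print("sent with -t 36000:", lifetime_constraint(36000).hex())
    for ident in parse_identities_answer(SAMPLE):
        print("received:", sorted(ident))  # only 'comment' and 'key_blob'
```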