[Bug 252200] [NEW] ssh-agent does not expire key
Skion
launchpad.net at spam.ennes.net
Sat Jul 26 22:53:36 BST 2008
Public bug reported:
When I add an SSH key to ssh-agent the lifetime (-t) parameter seems to
be ignored:
$ ssh-add -t 1 /home/pieter/.ssh/id_work
$ ssh-add -l
1024 76:a9:b1:c4:af:ef:b5:b9:6e:39:05:91:c9:a2:b7:89 (DSA)
$ ssh [work]
-->OK
Now I wait, and after 1 second, 1 minute, 1 hour I can still login.
However, deleting the key manually:
$ ssh-add -D
All identities removed.
does expire the key correctly:
$ ssh [work]
Permission denied (publickey).
This is risky when you lose a laptop, since the thief has infinite time
to login to your hosts. The key should expire after the set expiry
time...
Environment:
$ lsb_release -rd
Description: Ubuntu 8.04.1
Release: 8.04
$ apt-cache policy openssh-client
openssh-client:
Installed: 1:4.7p1-8ubuntu1.2
Candidate: 1:4.7p1-8ubuntu1.2
Version table:
*** 1:4.7p1-8ubuntu1.2 0
500 http://nl.archive.ubuntu.com hardy-updates/main Packages
500 http://security.ubuntu.com hardy-security/main Packages
100 /var/lib/dpkg/status
1:4.7p1-8ubuntu1 0
500 http://nl.archive.ubuntu.com hardy/main Packages
** Affects: openssh (Ubuntu)
Importance: Undecided
Status: New
--
ssh-agent does not expire key
https://bugs.launchpad.net/bugs/252200
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
More information about the Ubuntu-server-bugs
mailing list