openssh bugs - Jan 2016 - [Bug 2524] New: config file option to limit the lifetime of added keys

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

            Bug ID: 2524
           Summary: config file option to limit the lifetime of added keys
           Product: Portable OpenSSH
           Version: 7.1p1
          Hardware: 68k
                OS: Mac OS X
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-agent
          Assignee: unassigned-bugs at mindrot.org
          Reporter: spamfaenger at gmx.de

When using ssh-agent I really want all keys that are added to it to
have a lifetime of just x seconds (60 in my case) to prevent me from
accidentally adding a key for the lifetime of ssh-agent and thus risk
compromising it when I login to a compromised machine without knowing
so.

Of course I already only enable forwarding when I need to, but it would
be a really nice second line of defense when I also have to add the key
in question to ssh-agent when I need to.

There is already 'ssh-agent -t 60 ~/.ssh/some_key' and there is also
'ssh-agent -t 60' - but as far as I can figure out there is no value
that I can set in my ~/.ssh/config that will ensure that this is set.

And that's what I want.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

Martin H?cker <spamfaenger at gmx.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Hardware|68k                         |ix86

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

Robert <rhbugs at rbu.sh> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rhbugs at rbu.sh

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

Robert <rhbugs at rbu.sh> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |rhbugs at rbu.sh

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |WONTFIX
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
ssh-agent doesn't read ~/.ssh/config and I don't think we want it to. I
think the existing command-line option is sufficient, sorry.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=2524

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.