search for: 07t08

Displaying 3 results from an estimated 3 matches for "07t08".

Did you mean: 0708
2023 Mar 07
2
Feature request: a good way to supply short-lived certificates to openssh
...I've put together a quick POC in go to list expiring certificates: https://gist.github.com/rorycl/d194243c61b349021935c97f751a931e Output is something like: 0 key ssh-ed25519 : is not a certificate 1 key ssh-ed25519-cert-v01 at openssh.com comment: acmeinc_briony_from:2023-03-07T08:18_to:2023-03-07T11:18UTC validity: 2023-03-07 08:37:23 GMT to 2023-03-07 11:37:23 GMT expiring in 60m? true I'd be grateful to Andy if he explained what sort of command he runs to refresh certificates. I understood most refresh arrangements to involve OAuth2. Rory
2023 Mar 06
3
Feature request: a good way to supply short-lived certificates to openssh
On Tue, 7 Mar 2023 at 05:26, Andy Lutomirski <luto at kernel.org> wrote: [...] > ssh_config contains a Match ... exec [command to refresh the certificate]. This sort of works, > except that it runs the command far too frequently. For example, ssh -O exit [name] refreshes > the certificate, and it should not do so. You can have the command check if the cert is expired or near
2023 Mar 07
1
Feature request: a good way to supply short-lived certificates to openssh
...to list expiring > certificates: > https://gist.github.com/rorycl/d194243c61b349021935c97f751a931e > > Output is something like: > > 0 key ssh-ed25519 : is not a certificate > 1 key ssh-ed25519-cert-v01 at openssh.com > comment: acmeinc_briony_from:2023-03-07T08:18_to:2023-03-07T11:18UTC > validity: 2023-03-07 08:37:23 GMT to 2023-03-07 11:37:23 GMT > expiring in 60m? true Nifty, > > I'd be grateful to Andy if he explained what sort of command he runs to > refresh certificates. I understood most refresh arrangements to...