Package: ssh Version: 1:3.8.1p1-8.sarge.4 Severity: wishlist File: /usr/bin/ssh-add
MY WISH: :) ssh-add documents -t as: Set a maximum lifetime when adding identities to an agent. unfortunately, this is very true, the effective timeout is somewhere between 0 and the specified number of seconds, which makes this switch hard to use. it would be nice if -t would update the timeout if the key already exists. WHEN DOES IT FAIL: I'd like to do the equivalent of this: ssh-add -t 10 ... ssh ... I.e. add a key for a small number of seconds to limit the time window it could possibly be abused. Unfortunately, if the key already exists, the timeout does not get updated. If one runs a number of ssh-adds in quick succession, the key will time out 10 seconds after it was first added, not 10 seconds after ssh-add was last called. As it is now, I have to do sth. like ssh-add -t7200 as the whole process can take up to two hours (it is uusally much faster, but I need to be sure), which is a much larger window than multiple 10 second windows. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (700, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.11-rc2 Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Versions of packages ssh depends on: ii adduser 3.63 Add and remove users and groups ii debconf 1.4.48 Debian configuration management sy ii dpkg 1.10.27 Package maintenance system for Deb hi libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libpam-modules 0.76-22 Pluggable Authentication Modules f ii libpam-runtime 0.76-22 Runtime support for the PAM librar ii libpam0g 0.76-22 Pluggable Authentication Modules l hi libssl0.9.7 0.9.7e-2 SSL shared libraries ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.2.2-3 compression library - runtime -- debconf information: * ssh/use_old_init_script: true * ssh/privsep_tell: * ssh/forward_warning: * ssh/SUID_client: false ssh/privsep_ask: true * ssh/protocol2_only: true ssh/new_config: true ssh/insecure_telnetd: ssh/encrypted_host_key_but_no_keygen: * ssh/run_sshd: true ssh/insecure_rshd: ssh/ssh2_keys_merged: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
