Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wish: document when the SSH key expires #85

Closed
markstos opened this issue May 12, 2021 · 2 comments
Closed

wish: document when the SSH key expires #85

markstos opened this issue May 12, 2021 · 2 comments

Comments

@markstos
Copy link

From reading the source code, it appears the key generated during setup expires in 42 years or essentially never:

https://github.com/FiloSottile/yubikey-agent/blob/main/setup.go#L163

I have no objection to that policy, but I think it's worth a mention in the README, as other Yubikey/SSH solution have defaulted to much shorter expiration lengths.
@FiloSottile
Copy link
Owner

SSH keys don't have expiration dates, that timestamp is only there because it's a required field of the X.509 certificate that is just used as a way to get PIV to store the public key. Even if it were in the past, everything would keep working, and no one outside the YubiKey would know.

What other solutions have expiration?

@markstos
Copy link
Author

I must be thinking of a GPG-based solution I tried. Thanks for the quick reply!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@markstos @FiloSottile