Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Too many ssh certificates in ssh agent #142

Closed
dopey opened this issue Sep 10, 2019 · 0 comments · Fixed by #143
Closed

Too many ssh certificates in ssh agent #142

dopey opened this issue Sep 10, 2019 · 0 comments · Fixed by #143
Assignees
@dopey
Labels
area/cli Command Line Interface enhancement

Comments

@dopey
Copy link
Contributor

dopey commented Sep 10, 2019

step ssh certificate adds certificate to the ssh-agent without specifying a lifetime.

Remote servers will shut you out if there are too many authentication attempts that result in failure. e.g. if you have too many expired certificates in your ssh agent.

Put a lifetime on ssh certificates that are added to the ssh agent.

index d0a111e..c2fb1a5 100644
--- a/command/ssh/certificate.go
+++ b/command/ssh/certificate.go
@@ -384,8 +384,9 @@ func sshAddKeyToAgent(subject string, cert *ssh.Certificate, priv interface{}) e
     }
     client := agent.NewClient(conn)
     return errors.Wrap(client.Add(agent.AddedKey{
-        PrivateKey:  priv,
-        Certificate: cert,
-        Comment:     subject,
+        PrivateKey:   priv,
+        Certificate:  cert,
+        Comment:      subject,
+        LifetimeSecs: 60 * 60 * 12,
     }), "error adding key to agent")
 }```
@dopey dopey added the area/cli Command Line Interface enhancement label Sep 10, 2019
@dopey dopey self-assigned this Sep 10, 2019
dopey added a commit that referenced this issue Sep 10, 2019
@dopey
Set lifetime for ssh certs added to agent
2c5d46b 
* Fixes #142
@dopey dopey mentioned this issue Sep 10, 2019
Merged
dopey added a commit that referenced this issue Sep 12, 2019
@dopey
Set lifetime for ssh certs added to agent
2ee75de 
* Fixes #142
dopey added a commit that referenced this issue Sep 12, 2019
@dopey
Set lifetime for ssh certs added to agent
6aefd9f 
* Fixes #142
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dopey dopey

Labels
area/cli Command Line Interface enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Set lifetime for ssh certs added to agent smallstep/cli
1 participant
@dopey