envoy icon indicating copy to clipboard operation
envoy copied to clipboard

Published 20 hours ago verified publisher icon vodik

timeout for keys

Open bitwave opened this issue 9 years ago • 4 comments

Specify timeout for the keys stored in memory. So it is more secure.

bitwave avatar Jun 09 '15 17:06 bitwave

I'm not sure how I'd do this. This is just a thin wrapper around the commands. I'm not sure ssh-agent has any way of configuring this while gpg-agent has this already built-in and is configurable.

vodik avatar Jun 09 '15 19:06 vodik

I think it is possible the -t option (see: https://www.freebsd.org/cgi/man.cgi?query=ssh-agent&sektion=1)

bitwave avatar Jun 09 '15 19:06 bitwave

Ah, so it is. I guess the question is how to implement this meaningfully. I'll have to do some research into how this interacts with gpg-agent and what would be a sensible way of configuring it if I add it.

vodik avatar Jun 09 '15 19:06 vodik

The -t flag isn't used, so I guess I could just forward it naively.

vodik avatar Jun 09 '15 20:06 vodik