Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

How to generate expiring SSH Key ?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users How to generate expiring SSH Key ?
# 1  
Old 07-24-2012
How to generate expiring SSH Key ?
Hi Gurus,

I am stuck with a problem here for which I need your expert advice.
I need to generate an SSH key in my Sun OS machine which should expire in 2 years. I usually generate the keys using ssh-keygen -t dsa but the keys generated like this would be non-expiring.

I checked for the man pages for ssh-keygen but could not find an option for expiring the key. Another option I could find was to use ssh-add -t xh option which will expire the key in x hrs. Is this the route I should take ? I want to confirm this first since I need to do this in production environment.

Thanks,
Sabari Nath S
# 2  
Old 07-24-2012
Hi Nathsaba,

You are correct with the "ssh-add -t" solution - I think the expirey information is kept with the sshd.

Regards

Dave
# 3  
Old 07-29-2012
I am also thinking of having keys expired in a certain time.
I think that using ssh-add -t n is not what @nathsaba was looking for in the first place, because it's expiring the key added to the agent, not the key itself. The key can be added again after the specified -t n.

To have keys itself expiring I think the only way is to write some script that is keeping track of when keys are added to another server, and then delete the key and the key entries at all servers that have it added in the authorized_keys.
So until anyone else come up with a better idea I will use these scripts.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Help with password 'maintenance' or maybe I just need to generate ssh keys?

Hi gurus, I am NOT the SA of the servers so very limited on what I can do. Basically the scenario is like this: Every 6 months our password expires and we have to reset them to comply to some password rules. Thing is users, me included, tend to have plaintext copy of this difficult to... (2 Replies)
Discussion started by: newbie_01
2 Replies

2. Shell Programming and Scripting

Generate Join clause based on key data

Hi, I have a file pk.txt which has pk data in following format TableName | PK Employee | id Contact|name,country My Output should be Employee | t1.id=s.id Contact| t1.name=s.name AND t1.country=s.country I started of like this: for LIST in `cat pk.txt` do... (5 Replies)
Discussion started by: wahi80
5 Replies

3. Linux

Generate public key to connect from one ftp server to other server

How to generate public key to connect from one ftp server to other server to use in scripting. (0 Replies)
Discussion started by: sridhardwh
0 Replies

4. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

5. Solaris

Help Generate SSL key in solaris.

How do I generate an SSL string in solaris 10? (3 Replies)
Discussion started by: Kjons76
3 Replies

6. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

7. UNIX for Advanced & Expert Users

Generate Public key for non ssh enabled servers

I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key : ssh-keygen -t rsa Is there a similar command for the other servers as well. If I try to use... (1 Reply)
Discussion started by: ravneet123
1 Replies

8. Shell Programming and Scripting

Generate Public Key when the server is not ssh enabled

I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key : ssh-keygen -t rsa Is there a similar command for the other servers as well. If I try to use... (1 Reply)
Discussion started by: ravneet123
1 Replies

9. UNIX for Advanced & Expert Users

ssh key

Hi all, I have a sshkey which I use to connect from my unix box to a linux box without any issue...... however I downloaded this same key to my laptop and tried to connect to the same linux box but it failed..... As my laptop is running MS Vista I guessing I going have to convert it ...... (1 Reply)
Discussion started by: Zak
1 Replies

10. Cybersecurity

SSH key code versus server key code

Hi, When logging in using SSH access (to a remotely hosted account), I received a prompt to accept a server's key fingerprint. Wrote that string of code down for comparision. Already emailed my host for their listing of the string of code for the server's key fingerprint (for comparison,... (1 Reply)
Discussion started by: Texan
1 Replies
Login or Register to Ask a Question