On Wed, Sep 12, 2001 at 07:08:32PM -0500, Cesar Mendoza wrote: > On Wed, Sep 12, 2001 at 01:05:12PM +0200, Richard Atterer wrote: > > On Tue, Sep 11, 2001 at 03:00:44PM -0500, Cesar Mendoza wrote: > > What's really needed is a little work on ssh-agent so that > > - when ssh asks for a DSA passphrase, it also sends it to ssh-agent > > - ssh-agent can expire keys after some time of inactivity > > > I know that but for now we have to work with what we have, don't you > think? >
There's something about a long-running shell script with my secret keys in it that sends shivers down my spine. Not for any specific reason, it just "sounds bad." This functionality should be worked into a patch for ssh-agent. Ask yourself, would you really use this on a security-sensitive box? -- Jacob Kuntz http://www.lucidpark.net/