| 1 |
On 7/15/22 4:11 PM, Neil Bothwick wrote: |
| 2 |
> I've never used it before, mainly because I wasn't aware of its |
| 3 |
> existence until I re-read the ssh-keygen man page, but it seems to |
| 4 |
> be simple timestamps passed to valid-before/valid-after. |
| 5 |
|
| 6 |
I'm not sure that's applicable to /keys/ verses /certificates/. |
| 7 |
|
| 8 |
Excerpt from the ssh-keygen man page: |
| 9 |
|
| 10 |
-V validity_interval |
| 11 |
|
| 12 |
Specify a validity interval when signing a /certificate/. A validity |
| 13 |
interval may consist of a single time, indicating that the /certificate/ |
| 14 |
is valid beginning now and expiring at that time, or may consist of two |
| 15 |
times separated by a colon to indicate an explicit time interval. |
| 16 |
|
| 17 |
Maybe there's something else, but it seems like the validity period is |
| 18 |
for SSH /certificates/ and not SSH /keys/. |
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
-- |
| 23 |
Grant. . . . |
| 24 |
unix || die |
Archives