by lobster_johnson 4225 days ago
Brilliant, I didn't know you could lock them.

However, it doesn't solve the agent caching problem. Once a key has been added to the agent, Keychain never asks again, even after it's locked.

ssh-add has an option "-t <seconds>" to make added keys automatically expire. That will work, but it only works for newly added keys. As far as I can tell, the Keychain helper calls ssh-add to add keys, and I don't see a way to have it pass -t.

Edit: Looks like holmar's suggestion below to change the ssh-agent daemon to run with -t would fix this.
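
A way to check the agent-wide `-t` behaviour discussed in the comment above, as an added example that is not part of the original comment: it starts a private OpenSSH agent with a default lifetime, adds a key without passing `-t` to ssh-add, and counts the identities before and after the lifetime passes. It assumes stock OpenSSH `ssh-agent`, `ssh-add` and `ssh-keygen`; the function name, the throwaway key and the socket path are constructed for the demo, and the macOS Keychain helper itself is not involved.

```shell
#!/bin/sh
# Added example: does a default lifetime set on the agent (ssh-agent -t)
# expire a key that was added WITHOUT ssh-add -t?

# demo_agent_lifetime LIFETIME_SECONDS
# Prints "before=<n> after=<n>": identities held by the agent right after the
# key is added, and again once the lifetime has passed.
# The body runs in a subshell so the caller's SSH_AUTH_SOCK / SSH_AGENT_PID
# (and therefore the caller's real agent) are left untouched.
demo_agent_lifetime() (
    life=$1
    tmp=$(mktemp -d) || exit 1
    # On exit: stop the private agent and delete the throwaway key.
    trap 'ssh-agent -k >/dev/null 2>&1; rm -rf "$tmp"' EXIT

    # Throwaway, passphrase-less key constructed only for this demo.
    ssh-keygen -q -t ed25519 -N '' -f "$tmp/demo_key" || exit 1

    # Private agent with a default maximum lifetime for every identity.
    eval "$(ssh-agent -s -t "$life" -a "$tmp/agent.sock")" >/dev/null || exit 1

    # Add the key the way a helper that cannot pass -t would: plain ssh-add.
    ssh-add "$tmp/demo_key" >/dev/null 2>&1 || exit 1

    # grep -c prints 0 but exits non-zero on no match, hence "|| true".
    before=$(ssh-add -l 2>/dev/null | grep -c 'ED25519' || true)
    sleep $((life + 2))
    after=$(ssh-add -l 2>/dev/null | grep -c 'ED25519' || true)

    echo "before=$before after=$after"
)

# Example: demo_agent_lifetime 2
```
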