diff options
| author | Niall Sheridan <nsheridan@gmail.com> | 2016-04-19 22:50:54 +0100 |
|---|---|---|
| committer | Niall Sheridan <nsheridan@gmail.com> | 2016-04-19 22:50:54 +0100 |
| commit | 7399ba4bf1b3ba3e33085c575de4161bc715aa53 (patch) | |
| tree | 8f19b9e032c1888dc1338c3566cfe8cf29b63db9 | |
| parent | 7c988bf0c7a735d742b543737f70ace902376c90 (diff) | |
Add note on time format
| -rw-r--r-- | README.md | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -61,7 +61,7 @@ Configuration is divided into three sections: `server`, `auth`, and `ssh`. ### ssh - `signing_key`: string. Path to the signing ssh private key you created earlier. - `additional_principals`: array of string. By default certificates will have one principal set - the username portion of the requester's email address. If `additional_principals` is set, these will be added to the certificate e.g. if your production machines use shared user accounts. -- `max_age`: string. If set the server will not issue certificates with an expiration value longer than this, regardless of what the client requests. +- `max_age`: string. If set the server will not issue certificates with an expiration value longer than this, regardless of what the client requests. Must be a valid Go [`time.Duration`](https://golang.org/pkg/time/#ParseDuration) string. - `permissions`: array of string. Actions the certificate can perform. See the [`-O` option to `ssh-keygen(1)`](http://man.openbsd.org/OpenBSD-current/man1/ssh-keygen.1) for a complete list. Note: Cashier does not implement signing host keys at this time. |