diff options
| author | Niall Sheridan <nsheridan@gmail.com> | 2016-06-02 21:55:35 +0100 |
|---|---|---|
| committer | Niall Sheridan <nsheridan@gmail.com> | 2016-06-02 21:55:35 +0100 |
| commit | 1fd3ac5d3ae341f194f87e57a50817c8b965b0d6 (patch) | |
| tree | fa3510760a11a40afff88ceb33192e03c7c572a8 /cmd/cashier | |
| parent | a52d19e9e78d08643ffd4aee0483515d8bae2939 (diff) | |
Set an expiry on keys added to the agent
Diffstat (limited to 'cmd/cashier')
| -rw-r--r-- | cmd/cashier/main.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/cmd/cashier/main.go b/cmd/cashier/main.go index 768ebcd..3a34108 100644 --- a/cmd/cashier/main.go +++ b/cmd/cashier/main.go @@ -31,10 +31,12 @@ var ( ) func installCert(a agent.Agent, cert *ssh.Certificate, key key) error { + lifetime := time.Unix(int64(cert.ValidBefore), 0).Sub(time.Now()).Seconds() pubcert := agent.AddedKey{ - PrivateKey: key, - Certificate: cert, - Comment: cert.KeyId, + PrivateKey: key, + Certificate: cert, + Comment: cert.KeyId, + LifetimeSecs: uint32(lifetime), } if err := a.Add(pubcert); err != nil { return fmt.Errorf("error importing certificate: %s", err) |