On 7/15/22 4:11 PM, Neil Bothwick wrote:
I've never used it before, mainly because I wasn't aware of its
existence until I re-read the ssh-keygen man page, but it seems to
be simple timestamps passed to valid-before/valid-after.
I'm not sure that's applicable to /keys/ verses /certificates/.
Excerpt from the ssh-keygen man page:
-V validity_interval
Specify a validity interval when signing a /certificate/. A validity
interval may consist of a single time, indicating that the /certificate/
is valid beginning now and expiring at that time, or may consist of two
times separated by a colon to indicate an explicit time interval.
Maybe there's something else, but it seems like the validity period is
for SSH /certificates/ and not SSH /keys/.
--
Grant. . . .
unix || die