During a routine security audit, Bob discovers that developers have been adding SSH keys to the running ssh-agent without specifying a lifetime, leaving the keys resident indefinitely. To reduce risk, Bob wants any key he adds to be purged from the agent automatically one hour after it is loaded. Which ssh-add option should he use to set a one-hour lifetime?
ssh-add -t 3600 adds the private key to the agent with a maximum lifetime of 3 600 seconds (one hour). When that time elapses, the agent removes the key automatically-whether or not the key has been used-thereby limiting the window in which the credential is available.
-T tests that a given public key matches a private key already in the agent; it does not set a lifetime.
-x locks the agent with a passphrase, preventing further use of stored keys.
-X unlocks a previously locked agent. None of these alternatives schedule automatic key removal.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does the `-t` option in `ssh-add` do?
Open an interactive chat with Bash
How does `ssh-add` differ from simply adding an SSH key to a config file?
Open an interactive chat with Bash
What is the purpose of `ssh-agent` in conjunction with `ssh-add`?