From 3ff410c695f55b9cf7f5f9be9fc0c417ec64b9e4 Mon Sep 17 00:00:00 2001 From: Mariano Cano Date: Thu, 25 Jul 2019 18:41:32 -0700 Subject: [PATCH] fix ssh validity modifier --- authority/provisioner/sign_ssh_options.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authority/provisioner/sign_ssh_options.go b/authority/provisioner/sign_ssh_options.go index 3f4412ad..1b981504 100644 --- a/authority/provisioner/sign_ssh_options.go +++ b/authority/provisioner/sign_ssh_options.go @@ -193,7 +193,7 @@ func (m *sshCertificateValidityModifier) Modify(cert *ssh.Certificate) error { diff := time.Duration(cert.ValidBefore-cert.ValidAfter) * time.Second switch { - case diff < max: + case diff < min: return errors.Errorf("ssh certificate duration cannot be lower than %s", min) case diff > max: return errors.Errorf("ssh certificate duration cannot be greater than %s", max)