
Set SSH Key Expiry for the gateway users

How to set SSH key expiry for gateway users and force rotation of public keys?


Overview: This article explains how to configure, from the GUI, the SSH keys of gateway users to expire after a specific number of days. The setting defines an expiration period for SSH keys, after which the keys are no longer valid for authentication. Users then need to log in using a password. A value of 0 means that SSH keys never expire.


 

 


Step 1: Navigate to Settings -> General -> Authentication -> Set User SSH key lifetime.

As an example, the screenshot below shows the user's SSH key set to expire in 1 day. A value of 0 means the SSH key will never expire.

Refer: How to add ssh public key for passwordless authentication in ssh

Step 2: Once the configured period has passed and the user's key has expired, logging in to ezsh with key authentication fails. The user can still access the system with password authentication, so security measures are maintained while access stays available through an alternative authentication method when key-based authentication is no longer valid.

The following shows an expired SSH key; its expiration is determined by the key lifetime configured in the GUI. After adding a key, users can view its expiration date by pressing the F2 key.




How to add a new key via WebSSH if the user's existing key has expired?

Step 1: Log in to the GUI as the gateway user whose SSH key has expired and click the WebSSH icon.

Step 2: Once the WebSSH console is open, press "F2" or "#" on your keyboard to go to the section where you can manage SSH public keys.

Step 3: Enter the SSH public key of the gateway user into the designated field and press "Enter" to confirm and save it. The key will then be used for authentication.

Step 4: Log in to ezsh; the gateway user will be able to authenticate using the key.