deal with ssh key expiry

Not a perfect solution, but good enough, few users will wait 10 minutes in
the middle and see it expire, I hope.

doc/design/assistant/sshpassword.mdwn

@@ -21,8 +21,8 @@ can be pretty sure noone is sniffing the (localhost) connection.
   cause the webapp to read the password and forward it on. Also, set
   DISPLAY to ensure that ssh runs the program. **done**
 
-Looking at ssh.exe, I think this will even work on windows; it contains the
-code to run ssh-askpass.
+Looking at ssh.exe, I think this will even work on Windows; it contains the
+code to run ssh-askpass. (It does work on Windows!)
 
 ### securely handling the password
 
@@ -31,7 +31,10 @@ code to run ssh-askpass.
   is being accessed remotely, absolutely: require https.
 * Use hs-securemem to store password.
 * Avoid storing password for long. Erase it after webapp setup of remote
-  is complete. Time out after 10 minutes and erase it.
+  is complete. Time out after 10 minutes and erase it. **done**
+* If the user is slow, the cached ssh key can exire before they finish.
+  This results in ssh being given no password, and failing. The UI
+  now detects this and suggests the user retry. **done**
 * Prompt using a html field name that does not trigger web browser password
   saving if possible.
 
@@ -58,7 +61,3 @@ if the shim cannot requst an arbitrary password prompt.
 
 * test on OSX
 * test on Android
-* If the user is slow, the cached ssh key can exire before they finish.
-  Currently this results in ssh being given no password, and failing.
-  Either avoid time-based expiry (manually expiring when done, and how
-  to detect if they gave up?) or notice this and give a sensible error.