| version 1.5, 2010/02/26 20:29:54 |
version 1.6, 2010/08/31 11:54:45 |
|
|
| |
|
| 2.2.3 Add protocol 2 key |
2.2.3 Add protocol 2 key |
| |
|
| The OpenSSH agent supports DSA and RSA keys for protocol 2. DSA keys may |
The OpenSSH agent supports DSA, ECDSA and RSA keys for protocol 2. DSA |
| be added using the following request |
keys may be added using the following request |
| |
|
| byte SSH2_AGENTC_ADD_IDENTITY or |
byte SSH2_AGENTC_ADD_IDENTITY or |
| SSH2_AGENTC_ADD_ID_CONSTRAINED |
SSH2_AGENTC_ADD_ID_CONSTRAINED |
|
|
| string key_comment |
string key_comment |
| constraint[] key_constraints |
constraint[] key_constraints |
| |
|
| |
ECDSA keys may be added using the following request |
| |
|
| |
byte SSH2_AGENTC_ADD_IDENTITY or |
| |
SSH2_AGENTC_ADD_ID_CONSTRAINED |
| |
string "ecdsa-sha2-nistp256" | |
| |
"ecdsa-sha2-nistp384" | |
| |
"ecdsa-sha2-nistp521" |
| |
string ecdsa_curve_name |
| |
string ecdsa_public_key |
| |
mpint ecdsa_private |
| |
string key_comment |
| |
constraint[] key_constraints |
| |
|
| |
ECDSA certificates may be added with: |
| |
byte SSH2_AGENTC_ADD_IDENTITY or |
| |
SSH2_AGENTC_ADD_ID_CONSTRAINED |
| |
string "ecdsa-sha2-nistp256-cert-v01@openssh.com" | |
| |
"ecdsa-sha2-nistp384-cert-v01@openssh.com" | |
| |
"ecdsa-sha2-nistp521-cert-v01@openssh.com" |
| |
string certificate |
| |
mpint ecdsa_private_key |
| |
string key_comment |
| |
constraint[] key_constraints |
| |
|
| RSA keys may be added with this request: |
RSA keys may be added with this request: |
| |
|
| byte SSH2_AGENTC_ADD_IDENTITY or |
byte SSH2_AGENTC_ADD_IDENTITY or |
|
|
| protocol 1 "add key" request, the private key is overspecified to avoid |
protocol 1 "add key" request, the private key is overspecified to avoid |
| redundant processing. |
redundant processing. |
| |
|
| For both DSA and RSA key add requests, "key_constraints" may only be |
For DSA, ECDSA and RSA key add requests, "key_constraints" may only be |
| present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. |
present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. |
| |
|
| The agent will reply with a SSH_AGENT_SUCCESS if the key has been |
The agent will reply with a SSH_AGENT_SUCCESS if the key has been |
|
|
| string key_blob |
string key_blob |
| |
|
| Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
| Algorithms" for either of the supported key types: "ssh-dss" or |
Algorithms" for any of the supported protocol 2 key types. |
| "ssh-rsa". |
|
| |
|
| The agent will delete any private key matching the specified public key |
The agent will delete any private key matching the specified public key |
| and return SSH_AGENT_SUCCESS. If no such key was found, the agent will |
and return SSH_AGENT_SUCCESS. If no such key was found, the agent will |
|
|
| string key_comment |
string key_comment |
| |
|
| Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
| Algorithms" for either of the supported key types: "ssh-dss" or |
Algorithms" for any of the supported protocol 2 key types. |
| "ssh-rsa". |
|
| |
|
| 2.6 Private key operations |
2.6 Private key operations |
| |
|
|
|
| uint32 flags |
uint32 flags |
| |
|
| Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
Where "key_blob" is encoded as per RFC 4253 section 6.6 "Public Key |
| Algorithms" for either of the supported key types: "ssh-dss" or |
Algorithms" for any of the supported protocol 2 key types. "flags" is |
| "ssh-rsa". "flags" is a bit-mask, but at present only one possible value |
a bit-mask, but at present only one possible value is defined (see below |
| is defined (see below for its meaning): |
for its meaning): |
| |
|
| SSH_AGENT_OLD_SIGNATURE 1 |
SSH_AGENT_OLD_SIGNATURE 1 |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to PROTOCOL.agent CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh