crypto: golang.org/x/crypto/ssh/agent

package agent

import "golang.org/x/crypto/ssh/agent"

Package agent implements the ssh-agent protocol, and provides both a client and a server. The client can talk to a standard ssh-agent that uses UNIX sockets, and one could implement an alternative ssh-agent process using the sample server.

References:

[PROTOCOL.agent]:    http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.agent?rev=HEAD

Package Files

client.go forward.go keyring.go server.go

func ForwardToAgent

func ForwardToAgent(client *ssh.Client, keyring Agent) error

ForwardToAgent routes authentication requests to the given keyring.

func ForwardToRemote

func ForwardToRemote(client *ssh.Client, addr string) error

ForwardToRemote routes authentication requests to the ssh-agent process serving on the given unix socket.

func RequestAgentForwarding

func RequestAgentForwarding(session *ssh.Session) error

RequestAgentForwarding sets up agent forwarding for the session. ForwardToAgent or ForwardToRemote should be called to route the authentication requests.

func ServeAgent

func ServeAgent(agent Agent, c io.ReadWriter) error

ServeAgent serves the agent protocol on the given connection. It returns when an I/O error occurs.

type AddedKey

type AddedKey struct {
    // PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
    // *ecdsa.PrivateKey, which will be inserted into the agent.
    PrivateKey interface{}
    // Certificate, if not nil, is communicated to the agent and will be
    // stored with the key.
    Certificate *ssh.Certificate
    // Comment is an optional, free-form string.
    Comment string
    // LifetimeSecs, if not zero, is the number of seconds that the
    // agent will store the key for.
    LifetimeSecs uint32
    // ConfirmBeforeUse, if true, requests that the agent confirm with the
    // user before each use of this key.
    ConfirmBeforeUse bool
}

AddedKey describes an SSH key to be added to an Agent.

type Agent

type Agent interface {
    // List returns the identities known to the agent.
    List() ([]*Key, error)

    // Sign has the agent sign the data using a protocol 2 key as defined
    // in [PROTOCOL.agent] section 2.6.2.
    Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

    // Add adds a private key to the agent.
    Add(key AddedKey) error

    // Remove removes all identities with the given public key.
    Remove(key ssh.PublicKey) error

    // RemoveAll removes all identities.
    RemoveAll() error

    // Lock locks the agent. Sign and Remove will fail, and List will return an empty list.
    Lock(passphrase []byte) error

    // Unlock undoes the effect of Lock.
    Unlock(passphrase []byte) error

    // Signers returns signers for all the known keys.
    Signers() ([]ssh.Signer, error)
}

Agent represents the capabilities of an ssh-agent.

func NewClient

func NewClient(rw io.ReadWriter) Agent

NewClient returns an Agent that talks to an ssh-agent process over the given connection.

func NewKeyring

func NewKeyring() Agent

NewKeyring returns an Agent that holds keys in memory. It is safe for concurrent use by multiple goroutines.

type Key

type Key struct {
    Format  string
    Blob    []byte
    Comment string
}

Key represents a protocol 2 public key as defined in [PROTOCOL.agent], section 2.5.2.

func (*Key) Marshal

func (k *Key) Marshal() []byte

Marshal returns the key blob to satisfy the ssh.PublicKey interface.

func (*Key) String

func (k *Key) String() string

String returns the storage form of an agent key with the format, base64 encoded serialized key, and the comment if it is not empty.

func (*Key) Type

func (k *Key) Type() string

Type returns the public key type.

func (*Key) Verify

func (k *Key) Verify(data []byte, sig *ssh.Signature) error

Verify satisfies the ssh.PublicKey interface.
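
The Key fields above come from the identities answer an agent sends in reply to List. The following added example (not code from this package) decodes that message body with the standard library only, rejecting truncated, oversized and trailing data. It goes beyond the page in taking the message number 12 and the field layout from [PROTOCOL.agent]; the names parsedKey, readString, parseIdentities and constructedAnswer are hypothetical, and the input is the message body after its outer length prefix.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const agentIdentitiesAnswer = 12 // message number from PROTOCOL.agent, not this page
var errMalformed = errors.New("agent: malformed identities answer")

type parsedKey struct { // hypothetical; mirrors the Key fields documented above
	Format, Comment string
	Blob            []byte
}

// constructedAnswer is sample input made up for this example: one key with dummy key data.
var constructedAnswer = []byte("\x0c\x00\x00\x00\x01\x00\x00\x00\x17\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x04KEY!\x00\x00\x00\x04demo")

// readString consumes one length-prefixed field: uint32 big-endian length, then the data.
func readString(b []byte) (field, rest []byte, err error) {
	if len(b) < 4 || uint64(binary.BigEndian.Uint32(b)) > uint64(len(b)-4) {
		return nil, nil, errMalformed // declared length runs past the buffer
	}
	n := 4 + int(binary.BigEndian.Uint32(b))
	return b[4:n], b[n:], nil
}

// parseIdentities reads type byte, untrusted key count (never used to allocate), then pairs.
func parseIdentities(msg []byte) (keys []parsedKey, err error) {
	if len(msg) < 5 || msg[0] != agentIdentitiesAnswer {
		return nil, errMalformed
	}
	count, rest := binary.BigEndian.Uint32(msg[1:5]), msg[5:]
	for i := uint32(0); i < count; i++ {
		blob, r1, err1 := readString(rest)
		comment, r2, err2 := readString(r1)
		format, _, err3 := readString(blob) // the blob begins with the key format name
		if err1 != nil || err2 != nil || err3 != nil {
			return nil, errMalformed
		}
		keys, rest = append(keys, parsedKey{string(format), string(comment), blob}), r2
	}
	if len(rest) != 0 {
		return nil, errMalformed // trailing bytes after the declared keys
	}
	return keys, nil
}

func main() { fmt.Println(parseIdentities(constructedAnswer)) }
```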

Package agent imports 19 packages and is imported by 177 packages. Updated 2017-06-20.