| PROTOCOL.agent (181111) | PROTOCOL.agent (204917) |
|---|---|
| 1This describes the protocol used by OpenSSH's ssh-agent. 2 3OpenSSH's agent supports managing keys for the standard SSH protocol 42 as well as the legacy SSH protocol 1. Support for these key types 5is almost completely disjoint - in all but a few cases, operations on 6protocol 2 keys cannot see or affect protocol 1 keys and vice-versa. 7 8Protocol 1 and protocol 2 keys are separated because of the differing --- 159 unchanged lines hidden (view full) --- 168 mpint dsa_p 169 mpint dsa_q 170 mpint dsa_g 171 mpint dsa_public_key 172 mpint dsa_private_key 173 string key_comment 174 constraint[] key_constraints 175 | 1This describes the protocol used by OpenSSH's ssh-agent. 2 3OpenSSH's agent supports managing keys for the standard SSH protocol 42 as well as the legacy SSH protocol 1. Support for these key types 5is almost completely disjoint - in all but a few cases, operations on 6protocol 2 keys cannot see or affect protocol 1 keys and vice-versa. 7 8Protocol 1 and protocol 2 keys are separated because of the differing --- 159 unchanged lines hidden (view full) --- 168 mpint dsa_p 169 mpint dsa_q 170 mpint dsa_g 171 mpint dsa_public_key 172 mpint dsa_private_key 173 string key_comment 174 constraint[] key_constraints 175 |
| 176DSA certificates may be added with: 177 byte SSH2_AGENTC_ADD_IDENTITY or 178 SSH2_AGENTC_ADD_ID_CONSTRAINED 179 string "ssh-dss-cert-v00@openssh.com" 180 string certificate 181 mpint dsa_private_key 182 string key_comment 183 constraint[] key_constraints 184 |
|
| 176RSA keys may be added with this request: 177 178 byte SSH2_AGENTC_ADD_IDENTITY or 179 SSH2_AGENTC_ADD_ID_CONSTRAINED 180 string "ssh-rsa" 181 mpint rsa_n 182 mpint rsa_e 183 mpint rsa_d 184 mpint rsa_iqmp 185 mpint rsa_p 186 mpint rsa_q 187 string key_comment 188 constraint[] key_constraints 189 | 185RSA keys may be added with this request: 186 187 byte SSH2_AGENTC_ADD_IDENTITY or 188 SSH2_AGENTC_ADD_ID_CONSTRAINED 189 string "ssh-rsa" 190 mpint rsa_n 191 mpint rsa_e 192 mpint rsa_d 193 mpint rsa_iqmp 194 mpint rsa_p 195 mpint rsa_q 196 string key_comment 197 constraint[] key_constraints 198 |
| 199RSA certificates may be added with this request: 200 201 byte SSH2_AGENTC_ADD_IDENTITY or 202 SSH2_AGENTC_ADD_ID_CONSTRAINED 203 string "ssh-rsa-cert-v00@openssh.com" 204 string certificate 205 mpint rsa_d 206 mpint rsa_iqmp 207 mpint rsa_p 208 mpint rsa_q 209 string key_comment 210 constraint[] key_constraints 211 |
|
| 190Note that the 'rsa_p' and 'rsa_q' parameters are sent in the reverse 191order to the protocol 1 add keys message. As with the corresponding 192protocol 1 "add key" request, the private key is overspecified to avoid 193redundant processing. 194 195For both DSA and RSA key add requests, "key_constraints" may only be 196present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. 197 --- 310 unchanged lines hidden (view full) --- 508 SSH2_AGENT_IDENTITIES_ANSWER 12 509 SSH2_AGENT_SIGN_RESPONSE 14 510 5113.7 Key constraint identifiers 512 513 SSH_AGENT_CONSTRAIN_LIFETIME 1 514 SSH_AGENT_CONSTRAIN_CONFIRM 2 515 | 212Note that the 'rsa_p' and 'rsa_q' parameters are sent in the reverse 213order to the protocol 1 add keys message. As with the corresponding 214protocol 1 "add key" request, the private key is overspecified to avoid 215redundant processing. 216 217For both DSA and RSA key add requests, "key_constraints" may only be 218present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. 219 --- 310 unchanged lines hidden (view full) --- 530 SSH2_AGENT_IDENTITIES_ANSWER 12 531 SSH2_AGENT_SIGN_RESPONSE 14 532 5333.7 Key constraint identifiers 534 535 SSH_AGENT_CONSTRAIN_LIFETIME 1 536 SSH_AGENT_CONSTRAIN_CONFIRM 2 537 |
| 516$OpenBSD: PROTOCOL.agent,v 1.4 2008/07/01 23:12:47 stevesk Exp $ | 538$OpenBSD: PROTOCOL.agent,v 1.5 2010/02/26 20:29:54 djm Exp $ |