agent - ActiveState ActiveGo 1.8
...

Package agent

import "golang.org/x/crypto/ssh/agent"
Overview
Index

Overview ▾

Package agent implements the ssh-agent protocol, and provides both a client and a server. The client can talk to a standard ssh-agent that uses UNIX sockets, and one could implement an alternative ssh-agent process using the sample server.

References:

[PROTOCOL.agent]:    http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.agent?rev=HEAD

func ForwardToAgent

func ForwardToAgent(client *ssh.Client, keyring Agent) error

ForwardToAgent routes authentication requests to the given keyring.

func ForwardToRemote

func ForwardToRemote(client *ssh.Client, addr string) error

ForwardToRemote routes authentication requests to the ssh-agent process serving on the given unix socket.

func RequestAgentForwarding

func RequestAgentForwarding(session *ssh.Session) error

RequestAgentForwarding sets up agent forwarding for the session. ForwardToAgent or ForwardToRemote should be called to route the authentication requests.

func ServeAgent

func ServeAgent(agent Agent, c io.ReadWriter) error

ServeAgent serves the agent protocol on the given connection. It returns when an I/O error occurs.

type AddedKey

AddedKey describes an SSH key to be added to an Agent.

type AddedKey struct {
    // PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
    // *ecdsa.PrivateKey, which will be inserted into the agent.
    PrivateKey interface{}
    // Certificate, if not nil, is communicated to the agent and will be
    // stored with the key.
    Certificate *ssh.Certificate
    // Comment is an optional, free-form string.
    Comment string
    // LifetimeSecs, if not zero, is the number of seconds that the
    // agent will store the key for.
    LifetimeSecs uint32
    // ConfirmBeforeUse, if true, requests that the agent confirm with the
    // user before each use of this key.
    ConfirmBeforeUse bool
}

type Agent

Agent represents the capabilities of an ssh-agent.

type Agent interface {
    // List returns the identities known to the agent.
    List() ([]*Key, error)

    // Sign has the agent sign the data using a protocol 2 key as defined
    // in [PROTOCOL.agent] section 2.6.2.
    Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

    // Add adds a private key to the agent.
    Add(key AddedKey) error

    // Remove removes all identities with the given public key.
    Remove(key ssh.PublicKey) error

    // RemoveAll removes all identities.
    RemoveAll() error

    // Lock locks the agent. Sign and Remove will fail, and List will empty an empty list.
    Lock(passphrase []byte) error

    // Unlock undoes the effect of Lock
    Unlock(passphrase []byte) error

    // Signers returns signers for all the known keys.
    Signers() ([]ssh.Signer, error)
}

func NewClient

func NewClient(rw io.ReadWriter) Agent

NewClient returns an Agent that talks to an ssh-agent process over the given connection.

func NewKeyring

func NewKeyring() Agent

NewKeyring returns an Agent that holds keys in memory. It is safe for concurrent use by multiple goroutines.

type Key

Key represents a protocol 2 public key as defined in [PROTOCOL.agent], section 2.5.2.

type Key struct {
    Format  string
    Blob    []byte
    Comment string
}

func (*Key) Marshal

func (k *Key) Marshal() []byte

Marshal returns key blob to satisfy the ssh.PublicKey interface.

func (*Key) String

func (k *Key) String() string

String returns the storage form of an agent key with the format, base64 encoded serialized key, and the comment if it is not empty.

func (*Key) Type

func (k *Key) Type() string

Type returns the public key type.

func (*Key) Verify

func (k *Key) Verify(data []byte, sig *ssh.Signature) error

Verify satisfies the ssh.PublicKey interface.