Google Git
Sign in
go / proposal / 03924127659c5fb14e9f06f77df82d10a31098b3 / . / design / 68723 / agent / agent.html
blob: 51f95b64f593bf28b990889b0448b4d84d78779d [file] [log] [blame]
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="doc2go">
<title>agent</title>
<style>
body {
margin: 1em 2em;
font-family: Helvetica, sans-serif;
background-color: #f8f8f8;
font-size: 1em;
}
h1,
h2,
h3,
h4,
h5,
h6 {
margin-top: 0.3em;
margin-bottom: 0.3em;
}
h1,
h2,
h3,
h4 {
font-weight: 500;
}
h2 {
font-size: 1.75em
}
h3 {
font-size: 1.5em
}
h4 {
font-size: 1.33em
}
h5 {
font-size: 1em
}
a {
text-decoration: none;
color: #0366a5;
}
a:hover {
text-decoration: underline;
}
a.permalink {
display: none;
}
a.permalink:hover {
text-decoration: none;
}
*:hover>a.permalink {
display: inline;
}
nav {
padding: 1em;
background-color: #eee;
border-radius: 0.5em;
display: flex;
flex-wrap: wrap;
}
nav .navbar-right {
margin-left: auto;
}
/* Remove first level of nesting for a package's index section. */
#pkg-index+ul,
#pkg-examples+ul {
list-style-type: none;
padding: 0;
}
code,
kbd,
pre {
font-family: Consolas, monospace;
}
pre {
color: #222;
overflow-x: auto;
border: 1px solid #ccc;
border-radius: 0.5em;
background-color: #eee;
padding: 0.75em;
font-size: 0.9em;
}
details.example>summary {
color: #0366a5;
cursor: pointer;
}
details.deprecated>summary {
list-style: none;
}
span.deprecated-tag {
color: #eee;
background-color: #999;
padding: 0.125rem 0.3rem;
border-radius: 0.3rem;
font-size: 0.7rem;
vertical-align: middle;
cursor: pointer;
}
#search {
margin: 0.3em 0;
}
#generated-by-footer {
font-size: x-small;
}
/* Background */
.bg {
background-color: #ffffff;
}
/* PreWrapper */
.chroma {
background-color: #ffffff;
}
/* Error */
.chroma .err {
color: #a61717;
background-color: #e3d2d2
}
/* LineLink */
.chroma .lnlinks {
outline: none;
text-decoration: none;
color: inherit
}
/* LineTableTD */
.chroma .lntd {
vertical-align: top;
padding: 0;
margin: 0;
border: 0;
}
/* LineTable */
.chroma .lntable {
border-spacing: 0;
padding: 0;
margin: 0;
border: 0;
}
/* LineHighlight */
.chroma .hl {
background-color: #e5e5e5
}
/* LineNumbersTable */
.chroma .lnt {
white-space: pre;
-webkit-user-select: none;
user-select: none;
margin-right: 0.4em;
padding: 0 0.4em 0 0.4em;
color: #7f7f7f
}
/* LineNumbers */
.chroma .ln {
white-space: pre;
-webkit-user-select: none;
user-select: none;
margin-right: 0.4em;
padding: 0 0.4em 0 0.4em;
color: #7f7f7f
}
/* Line */
.chroma .line {
display: flex;
}
/* Keyword */
.chroma .k {
color: #000000;
font-weight: bold
}
/* KeywordConstant */
.chroma .kc {
color: #000000;
font-weight: bold
}
/* KeywordDeclaration */
.chroma .kd {
color: #000000;
font-weight: bold
}
/* KeywordNamespace */
.chroma .kn {
color: #000000;
font-weight: bold
}
/* KeywordPseudo */
.chroma .kp {
color: #000000;
font-weight: bold
}
/* KeywordReserved */
.chroma .kr {
color: #000000;
font-weight: bold
}
/* KeywordType */
.chroma .kt {
color: #445588;
font-weight: bold
}
/* NameAttribute */
.chroma .na {
color: #008080
}
/* NameBuiltin */
.chroma .nb {
color: #0086b3
}
/* NameBuiltinPseudo */
.chroma .bp {
color: #999999
}
/* NameClass */
.chroma .nc {
color: #445588;
font-weight: bold
}
/* NameConstant */
.chroma .no {
color: #008080
}
/* NameDecorator */
.chroma .nd {
color: #3c5d5d;
font-weight: bold
}
/* NameEntity */
.chroma .ni {
color: #800080
}
/* NameException */
.chroma .ne {
color: #990000;
font-weight: bold
}
/* NameFunction */
.chroma .nf {
color: #990000;
font-weight: bold
}
/* NameLabel */
.chroma .nl {
color: #990000;
font-weight: bold
}
/* NameNamespace */
.chroma .nn {
color: #555555
}
/* NameTag */
.chroma .nt {
color: #000080
}
/* NameVariable */
.chroma .nv {
color: #008080
}
/* NameVariableClass */
.chroma .vc {
color: #008080
}
/* NameVariableGlobal */
.chroma .vg {
color: #008080
}
/* NameVariableInstance */
.chroma .vi {
color: #008080
}
/* LiteralString */
.chroma .s {
color: #dd1144
}
/* LiteralStringAffix */
.chroma .sa {
color: #dd1144
}
/* LiteralStringBacktick */
.chroma .sb {
color: #dd1144
}
/* LiteralStringChar */
.chroma .sc {
color: #dd1144
}
/* LiteralStringDelimiter */
.chroma .dl {
color: #dd1144
}
/* LiteralStringDoc */
.chroma .sd {
color: #dd1144
}
/* LiteralStringDouble */
.chroma .s2 {
color: #dd1144
}
/* LiteralStringEscape */
.chroma .se {
color: #dd1144
}
/* LiteralStringHeredoc */
.chroma .sh {
color: #dd1144
}
/* LiteralStringInterpol */
.chroma .si {
color: #dd1144
}
/* LiteralStringOther */
.chroma .sx {
color: #dd1144
}
/* LiteralStringRegex */
.chroma .sr {
color: #009926
}
/* LiteralStringSingle */
.chroma .s1 {
color: #dd1144
}
/* LiteralStringSymbol */
.chroma .ss {
color: #990073
}
/* LiteralNumber */
.chroma .m {
color: #009999
}
/* LiteralNumberBin */
.chroma .mb {
color: #009999
}
/* LiteralNumberFloat */
.chroma .mf {
color: #009999
}
/* LiteralNumberHex */
.chroma .mh {
color: #009999
}
/* LiteralNumberInteger */
.chroma .mi {
color: #009999
}
/* LiteralNumberIntegerLong */
.chroma .il {
color: #009999
}
/* LiteralNumberOct */
.chroma .mo {
color: #009999
}
/* Operator */
.chroma .o {
color: #000000;
font-weight: bold
}
/* OperatorWord */
.chroma .ow {
color: #000000;
font-weight: bold
}
/* Comment */
.chroma .c {
color: #999988;
font-style: italic
}
/* CommentHashbang */
.chroma .ch {
color: #999988;
font-style: italic
}
/* CommentMultiline */
.chroma .cm {
color: #999988;
font-style: italic
}
/* CommentSingle */
.chroma .c1 {
color: #999988;
font-style: italic
}
/* CommentSpecial */
.chroma .cs {
color: #999999;
font-weight: bold;
font-style: italic
}
/* CommentPreproc */
.chroma .cp {
color: #999999;
font-weight: bold;
font-style: italic
}
/* CommentPreprocFile */
.chroma .cpf {
color: #999999;
font-weight: bold;
font-style: italic
}
/* GenericDeleted */
.chroma .gd {
color: #000000;
background-color: #ffdddd
}
/* GenericEmph */
.chroma .ge {
color: #000000;
font-style: italic
}
/* GenericError */
.chroma .gr {
color: #aa0000
}
/* GenericHeading */
.chroma .gh {
color: #999999
}
/* GenericInserted */
.chroma .gi {
color: #000000;
background-color: #ddffdd
}
/* GenericOutput */
.chroma .go {
color: #888888
}
/* GenericPrompt */
.chroma .gp {
color: #555555
}
/* GenericStrong */
.chroma .gs {
font-weight: bold
}
/* GenericSubheading */
.chroma .gu {
color: #aaaaaa
}
/* GenericTraceback */
.chroma .gt {
color: #aa0000
}
/* GenericUnderline */
.chroma .gl {
text-decoration: underline
}
/* TextWhitespace */
.chroma .w {
color: #bbbbbb
}
</style>
</head>
<body>
<main><h2 id="pkg-overview">package agent</h2>
<pre class="chroma"><span class="kn">import</span> <span class="s">&#34;golang.org/x/crypto/ssh/agent&#34;</span></pre>
<p>Package agent implements the ssh-agent protocol, and provides both
a client and a server. The client can talk to a standard ssh-agent
that uses UNIX sockets, and one could implement an alternative
ssh-agent process using the sample server.
<p>References:
<pre>[PROTOCOL.agent]: https://tools.ietf.org/html/draft-miller-ssh-agent-14
</pre>
<h3 id="pkg-index">Index</h3>
<ul>
<li><a href="#pkg-variables">Variables</a></li><li><a href="#ForwardToAgent">func ForwardToAgent(client *ssh.Client, keyring Agent) error</a></li>
<li><a href="#ForwardToRemote">func ForwardToRemote(client *ssh.Client, addr string) error</a></li>
<li><a href="#RequestAgentForwarding">func RequestAgentForwarding(session *ssh.Session) error</a></li>
<li><a href="#ServeAgent">func ServeAgent(agent Agent, c io.ReadWriter) error</a></li>
<li>
<a href="#AddedKey">type AddedKey</a>
</li>
<li>
<a href="#Agent">type Agent</a>
<ul>
<li><a href="#NewKeyring">func NewKeyring() Agent</a></li>
</ul>
</li>
<li>
<a href="#ConstraintExtension">type ConstraintExtension</a>
</li>
<li>
<a href="#ExtendedAgent">type ExtendedAgent</a>
<ul>
<li><a href="#NewClient">func NewClient(rw io.ReadWriter) ExtendedAgent</a></li>
</ul>
</li>
<li>
<a href="#Key">type Key</a>
<ul>
<li><a href="#Key.Marshal">func (k *Key) Marshal() []byte</a></li>
<li><a href="#Key.String">func (k *Key) String() string</a></li>
<li><a href="#Key.Type">func (k *Key) Type() string</a></li>
<li><a href="#Key.Verify">func (k *Key) Verify(data []byte, sig *ssh.Signature) error</a></li>
</ul>
</li>
<li>
<a href="#SignatureFlags">type SignatureFlags</a>
</li>
</ul><h4 id="pkg-examples">Examples</h4>
<ul>
<li><a href="#example-NewClient">NewClient</a></li>
</ul><h3 id="pkg-variables">Variables</h3>
<pre class="chroma"><span class="kd">var</span> <span id="ErrExtensionUnsupported"><span class="nx">ErrExtensionUnsupported</span></span> <span class="p">=</span> <a href="https://pkg.go.dev/errors"><span class="nx">errors</span></a><span class="p">.</span><a href="https://pkg.go.dev/errors#New"><span class="nf">New</span></a><span class="p">(</span><span class="s">&#34;agent: extension unsupported&#34;</span><span class="p">)</span></pre>
<p>ErrExtensionUnsupported indicates that an extension defined in
[PROTOCOL.agent] section 3.8 is unsupported by the agent. Specifically this
error indicates that the agent returned a standard SSH_AGENT_FAILURE message
as the result of a SSH_AGENTC_EXTENSION request. Note that the protocol
specification (and therefore this error) does not distinguish between a
specific extension being unsupported and extensions being unsupported entirely.
<h3 id="pkg-functions">Functions</h3>
<h3 id="ForwardToAgent">func ForwardToAgent</h3>
<pre class="chroma"><span class="kd">func</span> <span class="nf">ForwardToAgent</span><span class="p">(</span><span class="nx">client</span> <span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Client"><span class="nx">Client</span></a><span class="p">,</span> <span class="nx">keyring</span> <a href="#Agent"><span class="nx">Agent</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a></pre>
<p>ForwardToAgent routes authentication requests to the given keyring.
<h3 id="ForwardToRemote">func ForwardToRemote</h3>
<pre class="chroma"><span class="kd">func</span> <span class="nf">ForwardToRemote</span><span class="p">(</span><span class="nx">client</span> <span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Client"><span class="nx">Client</span></a><span class="p">,</span> <span class="nx">addr</span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a></pre>
<p>ForwardToRemote routes authentication requests to the ssh-agent
process serving on the given unix socket.
<h3 id="RequestAgentForwarding">func RequestAgentForwarding</h3>
<pre class="chroma"><span class="kd">func</span> <span class="nf">RequestAgentForwarding</span><span class="p">(</span><span class="nx">session</span> <span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Session"><span class="nx">Session</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a></pre>
<p>RequestAgentForwarding sets up agent forwarding for the session.
ForwardToAgent or ForwardToRemote should be called to route
the authentication requests.
<h3 id="ServeAgent">func ServeAgent</h3>
<pre class="chroma"><span class="kd">func</span> <span class="nf">ServeAgent</span><span class="p">(</span><span class="nx">agent</span> <a href="#Agent"><span class="nx">Agent</span></a><span class="p">,</span> <span class="nx">c</span> <a href="https://pkg.go.dev/io"><span class="nx">io</span></a><span class="p">.</span><a href="https://pkg.go.dev/io#ReadWriter"><span class="nx">ReadWriter</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a></pre>
<p>ServeAgent serves the agent protocol on the given connection. It
returns when an I/O error occurs.
<h3 id="pkg-types">Types</h3>
<h3 id="AddedKey">type AddedKey</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">AddedKey</span> <span class="kd">struct</span> <span class="p">{</span>
<span class="c1">// PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey,
</span><span class="c1"></span> <span class="c1">// ed25519.PrivateKey or *ecdsa.PrivateKey, which will be inserted into the
</span><span class="c1"></span> <span class="c1">// agent.
</span><span class="c1"></span> <span id="AddedKey.PrivateKey"><span class="nx">PrivateKey</span></span> <a href="https://pkg.go.dev/crypto"><span class="nx">crypto</span></a><span class="p">.</span><a href="https://pkg.go.dev/crypto#Signer"><span class="nx">Signer</span></a>
<span class="c1">// Certificate, if not nil, is communicated to the agent and will be
</span><span class="c1"></span> <span class="c1">// stored with the key.
</span><span class="c1"></span> <span id="AddedKey.Certificate"><span class="nx">Certificate</span></span> <span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Certificate"><span class="nx">Certificate</span></a>
<span class="c1">// Comment is an optional, free-form string.
</span><span class="c1"></span> <span id="AddedKey.Comment"><span class="nx">Comment</span></span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a>
<span class="c1">// LifetimeSecs, if not zero, is the number of seconds that the
</span><span class="c1"></span> <span class="c1">// agent will store the key for.
</span><span class="c1"></span> <span id="AddedKey.LifetimeSecs"><span class="nx">LifetimeSecs</span></span> <a href="https://pkg.go.dev/builtin#uint32"><span class="kt">uint32</span></a>
<span class="c1">// ConfirmBeforeUse, if true, requests that the agent confirm with the
</span><span class="c1"></span> <span class="c1">// user before each use of this key.
</span><span class="c1"></span> <span id="AddedKey.ConfirmBeforeUse"><span class="nx">ConfirmBeforeUse</span></span> <a href="https://pkg.go.dev/builtin#bool"><span class="kt">bool</span></a>
<span class="c1">// ConstraintExtensions are the experimental or private-use constraints
</span><span class="c1"></span> <span class="c1">// defined by users.
</span><span class="c1"></span> <span id="AddedKey.ConstraintExtensions"><span class="nx">ConstraintExtensions</span></span> <span class="p">[]</span><a href="#ConstraintExtension"><span class="nx">ConstraintExtension</span></a>
<span class="p">}</span></pre>
<p>AddedKey describes an SSH key to be added to an Agent.
<h3 id="Agent">type Agent</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">Agent</span> <span class="kd">interface</span> <span class="p">{</span>
<span class="c1">// List returns the identities known to the agent.
</span><span class="c1"></span> <span id="Agent.List"><span class="nf">List</span></span><span class="p">()</span> <span class="p">([]</span><span class="o">*</span><a href="#Key"><span class="nx">Key</span></a><span class="p">,</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a><span class="p">)</span>
<span class="c1">// Sign has the agent sign the data using a protocol 2 key as defined in
</span><span class="c1"></span> <span class="c1">// [PROTOCOL.agent] section 3.6. This method is also implemented in
</span><span class="c1"></span> <span class="c1">// [ssh.Signer] interface.
</span><span class="c1"></span> <span id="Agent.Sign"><span class="nf">Sign</span></span><span class="p">(</span><span class="nx">key</span> <a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#PublicKey"><span class="nx">PublicKey</span></a><span class="p">,</span> <span class="nx">data</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">)</span> <span class="p">(</span><span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Signature"><span class="nx">Signature</span></a><span class="p">,</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a><span class="p">)</span>
<span class="c1">// SignWithFlags signs like Sign, but allows for additional flags to be
</span><span class="c1"></span> <span class="c1">// sent/received. See [PROTOCOL.agent] section 3.6.1.
</span><span class="c1"></span> <span id="Agent.SignWithFlags"><span class="nf">SignWithFlags</span></span><span class="p">(</span><span class="nx">key</span> <a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#PublicKey"><span class="nx">PublicKey</span></a><span class="p">,</span> <span class="nx">data</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">,</span> <span class="nx">flags</span> <a href="#SignatureFlags"><span class="nx">SignatureFlags</span></a><span class="p">)</span> <span class="p">(</span><span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Signature"><span class="nx">Signature</span></a><span class="p">,</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a><span class="p">)</span>
<span class="c1">// Add adds a private key to the agent.
</span><span class="c1"></span> <span id="Agent.Add"><span class="nf">Add</span></span><span class="p">(</span><span class="nx">key</span> <a href="#AddedKey"><span class="nx">AddedKey</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a>
<span class="c1">// Remove removes all identities with the given public key.
</span><span class="c1"></span> <span id="Agent.Remove"><span class="nf">Remove</span></span><span class="p">(</span><span class="nx">key</span> <a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#PublicKey"><span class="nx">PublicKey</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a>
<span class="c1">// RemoveAll removes all identities.
</span><span class="c1"></span> <span id="Agent.RemoveAll"><span class="nf">RemoveAll</span></span><span class="p">()</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a>
<span class="c1">// Lock locks the agent. Sign and Remove will fail, and List will empty an empty list.
</span><span class="c1"></span> <span id="Agent.Lock"><span class="nf">Lock</span></span><span class="p">(</span><span class="nx">passphrase</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a>
<span class="c1">// Unlock undoes the effect of Lock
</span><span class="c1"></span> <span id="Agent.Unlock"><span class="nf">Unlock</span></span><span class="p">(</span><span class="nx">passphrase</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a>
<span class="c1">// Signers returns signers for all the known keys.
</span><span class="c1"></span> <span id="Agent.Signers"><span class="nf">Signers</span></span><span class="p">()</span> <span class="p">([]</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Signer"><span class="nx">Signer</span></a><span class="p">,</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a><span class="p">)</span>
<span class="p">}</span></pre>
<p>Agent represents the capabilities of an ssh-agent.
<h4 id="NewKeyring">func NewKeyring</h4>
<pre class="chroma"><span class="kd">func</span> <span class="nf">NewKeyring</span><span class="p">()</span> <a href="#Agent"><span class="nx">Agent</span></a></pre>
<p>NewKeyring returns an Agent that holds keys in memory. It is safe
for concurrent use by multiple goroutines.
<h3 id="ConstraintExtension">type ConstraintExtension</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">ConstraintExtension</span> <span class="kd">struct</span> <span class="p">{</span>
<span class="c1">// ExtensionName consist of a UTF-8 string suffixed by the
</span><span class="c1"></span> <span class="c1">// implementation domain following the naming scheme defined
</span><span class="c1"></span> <span class="c1">// in Section 4.2 of RFC 4251, e.g. &#34;foo@example.com&#34;.
</span><span class="c1"></span> <span id="ConstraintExtension.ExtensionName"><span class="nx">ExtensionName</span></span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a>
<span class="c1">// ExtensionDetails contains the actual content of the extended
</span><span class="c1"></span> <span class="c1">// constraint.
</span><span class="c1"></span> <span id="ConstraintExtension.ExtensionDetails"><span class="nx">ExtensionDetails</span></span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a>
<span class="p">}</span></pre>
<p>ConstraintExtension describes an optional constraint defined by users.
<h3 id="ExtendedAgent">type ExtendedAgent</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">ExtendedAgent</span> <span class="kd">interface</span> <span class="p">{</span>
<a href="#Agent"><span class="nx">Agent</span></a>
<span class="c1">// Extension processes a custom extension request. Standard-compliant agents are not
</span><span class="c1"></span> <span class="c1">// required to support any extensions, but this method allows agents to implement
</span><span class="c1"></span> <span class="c1">// vendor-specific methods or add experimental features. See [PROTOCOL.agent] section 3.8.
</span><span class="c1"></span> <span class="c1">// If agent extensions are unsupported entirely this method MUST return an
</span><span class="c1"></span> <span class="c1">// ErrExtensionUnsupported error. Similarly, if just the specific extensionType in
</span><span class="c1"></span> <span class="c1">// the request is unsupported by the agent then ErrExtensionUnsupported MUST be
</span><span class="c1"></span> <span class="c1">// returned.
</span><span class="c1"></span> <span class="c1">//
</span><span class="c1"></span> <span class="c1">// In the case of success, since [PROTOCOL.agent] section 3.8 specifies that the contents
</span><span class="c1"></span> <span class="c1">// of the response are unspecified (including the type of the message), the complete
</span><span class="c1"></span> <span class="c1">// response will be returned as a []byte slice, including the &#34;type&#34; byte of the message.
</span><span class="c1"></span> <span id="ExtendedAgent.Extension"><span class="nf">Extension</span></span><span class="p">(</span><span class="nx">extensionType</span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a><span class="p">,</span> <span class="nx">contents</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">)</span> <span class="p">([]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">,</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a><span class="p">)</span>
<span class="p">}</span></pre>
<h4 id="NewClient">func NewClient</h4>
<pre class="chroma"><span class="kd">func</span> <span class="nf">NewClient</span><span class="p">(</span><span class="nx">rw</span> <a href="https://pkg.go.dev/io"><span class="nx">io</span></a><span class="p">.</span><a href="https://pkg.go.dev/io#ReadWriter"><span class="nx">ReadWriter</span></a><span class="p">)</span> <a href="#ExtendedAgent"><span class="nx">ExtendedAgent</span></a></pre>
<p>NewClient returns an Agent that talks to an ssh-agent process over
the given connection.
<details id="example-NewClient" class="example">
<summary>Example</summary>
<pre class="chroma"><span class="kn">package</span> <span class="nx">main</span>
<span class="kn">import</span> <span class="p">(</span>
<span class="s">&#34;context&#34;</span>
<span class="s">&#34;log&#34;</span>
<span class="s">&#34;net&#34;</span>
<span class="s">&#34;os&#34;</span>
<span class="s">&#34;golang.org/x/crypto/ssh&#34;</span>
<span class="s">&#34;golang.org/x/crypto/ssh/agent&#34;</span>
<span class="p">)</span>
<span class="kd">func</span> <span class="nf">main</span><span class="p">()</span> <span class="p">{</span>
<span class="c1">// ssh-agent(1) provides a UNIX socket at $SSH_AUTH_SOCK.
</span><span class="c1"></span> <span class="nx">socket</span> <span class="o">:=</span> <span class="nx">os</span><span class="p">.</span><span class="nf">Getenv</span><span class="p">(</span><span class="s">&#34;SSH_AUTH_SOCK&#34;</span><span class="p">)</span>
<span class="nx">conn</span><span class="p">,</span> <span class="nx">err</span> <span class="o">:=</span> <span class="nx">net</span><span class="p">.</span><span class="nf">Dial</span><span class="p">(</span><span class="s">&#34;unix&#34;</span><span class="p">,</span> <span class="nx">socket</span><span class="p">)</span>
<span class="k">if</span> <span class="nx">err</span> <span class="o">!=</span> <span class="kc">nil</span> <span class="p">{</span>
<span class="nx">log</span><span class="p">.</span><span class="nf">Fatalf</span><span class="p">(</span><span class="s">&#34;Failed to open SSH_AUTH_SOCK: %v&#34;</span><span class="p">,</span> <span class="nx">err</span><span class="p">)</span>
<span class="p">}</span>
<span class="nx">agentClient</span> <span class="o">:=</span> <span class="nx">agent</span><span class="p">.</span><span class="nf">NewClient</span><span class="p">(</span><span class="nx">conn</span><span class="p">)</span>
<span class="nx">config</span> <span class="o">:=</span> <span class="o">&amp;</span><span class="nx">ssh</span><span class="p">.</span><span class="nx">ClientConfig</span><span class="p">{</span>
<span class="nx">User</span><span class="p">:</span> <span class="s">&#34;gopher&#34;</span><span class="p">,</span>
<span class="nx">Auth</span><span class="p">:</span> <span class="p">[]</span><span class="nx">ssh</span><span class="p">.</span><span class="nx">AuthMethod</span><span class="p">{</span>
<span class="c1">// Use a callback rather than PublicKeys so we only consult the
</span><span class="c1"></span> <span class="c1">// agent once the remote server wants it.
</span><span class="c1"></span> <span class="nx">ssh</span><span class="p">.</span><span class="nf">PublicKeysCallback</span><span class="p">(</span><span class="nx">agentClient</span><span class="p">.</span><span class="nx">Signers</span><span class="p">),</span>
<span class="p">},</span>
<span class="nx">HostKey</span><span class="p">:</span> <span class="nx">ssh</span><span class="p">.</span><span class="nf">InsecureIgnoreHostKey</span><span class="p">(),</span>
<span class="p">}</span>
<span class="nx">sshc</span><span class="p">,</span> <span class="nx">err</span> <span class="o">:=</span> <span class="nx">ssh</span><span class="p">.</span><span class="nf">Dial</span><span class="p">(</span><span class="nx">context</span><span class="p">.</span><span class="nf">Background</span><span class="p">(),</span> <span class="s">&#34;tcp&#34;</span><span class="p">,</span> <span class="s">&#34;localhost:22&#34;</span><span class="p">,</span> <span class="nx">config</span><span class="p">)</span>
<span class="k">if</span> <span class="nx">err</span> <span class="o">!=</span> <span class="kc">nil</span> <span class="p">{</span>
<span class="nx">log</span><span class="p">.</span><span class="nf">Fatal</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span>
<span class="p">}</span>
<span class="c1">// Use sshc...
</span><span class="c1"></span> <span class="nx">sshc</span><span class="p">.</span><span class="nf">Close</span><span class="p">()</span>
<span class="p">}</span></pre>
</details>
<h3 id="Key">type Key</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">Key</span> <span class="kd">struct</span> <span class="p">{</span>
<span id="Key.Format"><span class="nx">Format</span></span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a>
<span id="Key.Blob"><span class="nx">Blob</span></span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a>
<span id="Key.Comment"><span class="nx">Comment</span></span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a>
<span class="p">}</span></pre>
<p>Key represents a protocol 2 public key as defined in
[PROTOCOL.agent], section 3.3.
<h4 id="Key.Marshal">func (*Key) Marshal</h4>
<pre class="chroma"><span class="kd">func</span> <span class="p">(</span><span class="nx">k</span> <span class="o">*</span><a href="#Key"><span class="nx">Key</span></a><span class="p">)</span> <span class="nf">Marshal</span><span class="p">()</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a></pre>
<p>Marshal returns key blob to satisfy the ssh.PublicKey interface.
<h4 id="Key.String">func (*Key) String</h4>
<pre class="chroma"><span class="kd">func</span> <span class="p">(</span><span class="nx">k</span> <span class="o">*</span><a href="#Key"><span class="nx">Key</span></a><span class="p">)</span> <span class="nf">String</span><span class="p">()</span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a></pre>
<p>String returns the storage form of an agent key with the format, base64
encoded serialized key, and the comment if it is not empty.
<h4 id="Key.Type">func (*Key) Type</h4>
<pre class="chroma"><span class="kd">func</span> <span class="p">(</span><span class="nx">k</span> <span class="o">*</span><a href="#Key"><span class="nx">Key</span></a><span class="p">)</span> <span class="nf">Type</span><span class="p">()</span> <a href="https://pkg.go.dev/builtin#string"><span class="kt">string</span></a></pre>
<p>Type returns the public key type.
<h4 id="Key.Verify">func (*Key) Verify</h4>
<pre class="chroma"><span class="kd">func</span> <span class="p">(</span><span class="nx">k</span> <span class="o">*</span><a href="#Key"><span class="nx">Key</span></a><span class="p">)</span> <span class="nf">Verify</span><span class="p">(</span><span class="nx">data</span> <span class="p">[]</span><a href="https://pkg.go.dev/builtin#byte"><span class="kt">byte</span></a><span class="p">,</span> <span class="nx">sig</span> <span class="o">*</span><a href=".."><span class="nx">ssh</span></a><span class="p">.</span><a href="..#Signature"><span class="nx">Signature</span></a><span class="p">)</span> <a href="https://pkg.go.dev/builtin#error"><span class="kt">error</span></a></pre>
<p>Verify satisfies the ssh.PublicKey interface.
<h3 id="SignatureFlags">type SignatureFlags</h3>
<pre class="chroma"><span class="kd">type</span> <span class="nx">SignatureFlags</span> <a href="https://pkg.go.dev/builtin#uint32"><span class="kt">uint32</span></a></pre>
<p>SignatureFlags represent additional flags that can be passed to the signature
requests an defined in [PROTOCOL.agent] section 3.6.1.
<pre class="chroma"><span class="kd">const</span> <span class="p">(</span>
<span id="SignatureFlagReserved"><span class="nx">SignatureFlagReserved</span></span> <a href="#SignatureFlags"><span class="nx">SignatureFlags</span></a> <span class="p">=</span> <span class="mi">1</span> <span class="o">&lt;&lt;</span> <a href="https://pkg.go.dev/builtin#iota"><span class="kc">iota</span></a>
<span id="SignatureFlagRsaSha256"><span class="nx">SignatureFlagRsaSha256</span></span>
<span id="SignatureFlagRsaSha512"><span class="nx">SignatureFlagRsaSha512</span></span>
<span class="p">)</span></pre>
<p>SignatureFlag values as defined in [PROTOCOL.agent] section 5.3.
</main>
<hr>
<footer>
<small id="generated-by-footer">
Generated with <a href="https://abhinav.github.io/doc2go/">doc2go</a>
</small>
</footer>
<script type="text/javascript">
// If the page was opened with an anchor (e.g. #foo),
// and the destination is a <details> element, open it.
function openDetailsAnchor() {
let hash = window.location.hash
if (!hash) {
return
}
let el = document.getElementById(hash.slice(1)) // remove leading '#'
if (!el) {
return
}
let details = el.closest("details")
while (details) {
details.open = true
details = details.parentElement.closest("details")
}
// New elements may have appeared.
// Set hash again to scroll to the right place.
window.location.hash = hash;
return false;
}
window.addEventListener('hashchange', openDetailsAnchor)
window.addEventListener('load', () => {
document.querySelectorAll("h2, h3, h4, h5, h6").forEach((el) => {
if (!el.id) {
return
}
el.innerHTML += ' <a class="permalink" href="#' + el.id + '">&para;</a>'
})
document.querySelectorAll("details.example > summary").forEach((el) => {
let id = el.parentElement.id;
if (!id) {
return
}
el.innerHTML += ' <a class="permalink" href="#' + id + '">&para;</a>'
})
openDetailsAnchor()
})
</script>
</body>
</html>