roagent

package
v0.0.0-...-3f826ee Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 28, 2018 License: BSD-2-Clause Imports: 14 Imported by: 0

Documentation

Index

Constants

// SSHROKey is the string "ssh-ro".
// NOTE(review): its role is not shown in this listing; presumably a key
// type/format identifier for keys handled by ROAgent — confirm at use sites.
const SSHROKey string = "ssh-ro"

Variables

This section is empty.

Functions

func ServeAgent

func ServeAgent(roagent *ROAgent, c io.ReadWriter) error

ServeAgent serves the agent protocol on the given connection. It returns when an I/O error occurs.

Types

type AddedKey

// AddedKey describes an SSH key to be added to an Agent.
//
// NOTE(review): LifetimeSecs, ConfirmBeforeUse and ConstraintExtensions are
// requests made to the agent. This listing does not show whether a given
// Agent implementation (for example ROAgent.Add) enforces them, so confirm
// that before relying on them to limit how a key can be used.
type AddedKey struct {
	// PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
	// *ecdsa.PrivateKey, which will be inserted into the agent.
	PrivateKey interface{}
	// Certificate, if not nil, is communicated to the agent and will be
	// stored with the key.
	Certificate *ssh.Certificate
	// Comment is an optional, free-form string.
	Comment string
	// LifetimeSecs, if not zero, is the number of seconds that the
	// agent will store the key for.
	LifetimeSecs uint32
	// ConfirmBeforeUse, if true, requests that the agent confirm with the
	// user before each use of this key.
	ConfirmBeforeUse bool
	// ConstraintExtensions are the experimental or private-use constraints
	// defined by users.
	ConstraintExtensions []ConstraintExtension
}

AddedKey describes an SSH key to be added to an Agent.

type Agent

// Agent represents the capabilities of an ssh-agent.
type Agent interface {
	// List returns the identities known to the agent.
	List() ([]*Key, error)

	// Sign has the agent sign the data using a protocol 2 key as defined
	// in [PROTOCOL.agent] section 2.6.2.
	Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

	// Add adds a private key to the agent.
	Add(key AddedKey) error

	// Remove removes all identities with the given public key.
	Remove(key ssh.PublicKey) error

	// RemoveAll removes all identities.
	RemoveAll() error

	// Lock locks the agent. Sign and Remove will fail, and List will
	// return an empty list.
	Lock(passphrase []byte) error

	// Unlock undoes the effect of Lock.
	Unlock(passphrase []byte) error

	// Signers returns signers for all the known keys.
	Signers() ([]ssh.Signer, error)
}

Agent represents the capabilities of an ssh-agent.

func NewClient

func NewClient(rw io.ReadWriter) Agent

NewClient returns an Agent that talks to an ssh-agent process over the given connection.

type ConstraintExtension

// ConstraintExtension describes an optional constraint defined by users.
type ConstraintExtension struct {
	// ExtensionName consists of a UTF-8 string suffixed by the
	// implementation domain following the naming scheme defined
	// in Section 4.2 of [RFC4251], e.g.  "foo@example.com".
	ExtensionName string
	// ExtensionDetails contains the actual content of the extended
	// constraint.
	ExtensionDetails []byte
}

ConstraintExtension describes an optional constraint defined by users.

type Key

// Key represents a protocol 2 public key as defined in [PROTOCOL.agent],
// section 2.5.2.
type Key struct {
	Format  string // key format; NOTE(review): presumably what Type returns — confirm
	Blob    []byte // serialized key blob; Marshal is documented as returning it
	Comment string // optional comment; String includes it only when non-empty
}

Key represents a protocol 2 public key as defined in [PROTOCOL.agent], section 2.5.2.

func (*Key) Marshal

func (k *Key) Marshal() []byte

Marshal returns key blob to satisfy the ssh.PublicKey interface.

func (*Key) String

func (k *Key) String() string

String returns the storage form of an agent key with the format, base64 encoded serialized key, and the comment if it is not empty.

func (*Key) Type

func (k *Key) Type() string

Type returns the public key type.

func (*Key) Verify

func (k *Key) Verify(data []byte, sig *ssh.Signature) error

Verify satisfies the ssh.PublicKey interface.

type ROAgent

// ROAgent is the agent type built by NewROAgent, which is documented as
// forwarding signature requests to a remote server.
type ROAgent struct {
	// contains filtered or unexported fields
}

func NewROAgent

func NewROAgent(server *roclient.RemoteServer, username, password string) *ROAgent

NewROAgent creates a new SSH agent which forwards signature requests to the provided remote server

func (*ROAgent) Add

func (roagent *ROAgent) Add(key AddedKey) error

Add adds a new encrypted key to ROAgent's keyring.

func (*ROAgent) List

func (roagent *ROAgent) List() ([]*Key, error)

List returns the identities known to the agent.

func (*ROAgent) Lock

func (roagent *ROAgent) Lock(passphrase []byte) error

Lock locks the ROAgent by removing the password. TODO: should this encrypt the password instead?

func (*ROAgent) Remove

func (roagent *ROAgent) Remove(key ssh.PublicKey) error

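Remove removes the first matching key from ROAgent's keyring. Note that the Agent interface documents Remove as removing all identities with the given public key, so duplicate entries for the same key may remain after a single call.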

func (*ROAgent) RemoveAll

func (roagent *ROAgent) RemoveAll() error

RemoveAll empties ROAgent's keyring

func (*ROAgent) Sign

func (roagent *ROAgent) Sign(key ssh.PublicKey, data []byte) (*ssh.Signature, error)

Sign returns a signature for the data.

func (*ROAgent) Signers

func (roagent *ROAgent) Signers() ([]ssh.Signer, error)

Signers returns signers for all the known keys.

func (*ROAgent) Unlock

func (roagent *ROAgent) Unlock(passphrase []byte) error

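Unlock unlocks the ROAgent by changing the password. FIXME: ask papa RO if the password is correct. As the FIXME indicates, the passphrase does not appear to be checked yet, so a nil error from Unlock should not be read as confirmation that the passphrase is valid.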

type ROSigner

// ROSigner is the signer type built by NewROSigner from a public key and
// encBytes.
// NOTE(review): encBytes is presumably the encrypted private key material
// (ROAgent.Add speaks of an "encrypted key") — confirm.
type ROSigner struct {
	// contains filtered or unexported fields
}

func NewROSigner

func NewROSigner(pubKey ssh.PublicKey, encBytes []byte) *ROSigner

NewROSigner adds a new SSH identity to the ROAgent

func (ROSigner) PublicKey

func (rosigner ROSigner) PublicKey() ssh.PublicKey

func (ROSigner) Sign

func (rosigner ROSigner) Sign(rand io.Reader, msg []byte) (signature *ssh.Signature, err error)
