The SSH agent protocol is described in
https://tools.ietf.org/html/draft-miller-ssh-agent

This file documents OpenSSH's extensions to the agent protocol.

1. session-bind@openssh.com extension

This extension allows an ssh client to bind an agent connection to a
particular SSH session identifier as derived from the initial key
exchange (as per RFC4253 section 7.2) and the host key used for that
exchange. This binding is verifiable at the agent by including the
initial KEX signature made by the host key.

The message format is:

	byte		SSH_AGENTC_EXTENSION (0x1b)
	string		session-bind@openssh.com
	string		hostkey
	string		session identifier
	string		signature
	bool		is_forwarding

Where 'hostkey' is the encoded server host public key, 'session
identifier' is the exchange hash derived from the initial key
exchange, 'signature' is the server's signature of the session
identifier using the private hostkey, as sent in the final
SSH2_MSG_KEXDH_REPLY/SSH2_MSG_KEXECDH_REPLY message of the initial key
exchange. 'is_forwarding' is a flag indicating whether this connection
should be bound for user authentication or forwarding.

When an agent receives this message, it will verify the signature and
check the consistency of its contents, including refusing to accept
a duplicate session identifier, or any attempt to bind a connection
previously bound for authentication. It will then record the
binding for the life of the connection for use later in testing per-key
destination constraints.
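The following is an added example and not OpenSSH code: it encodes the
session-bind@openssh.com message from the layout above, parses it strictly on
the agent side, and applies the three consistency rules the text names (signature
check, duplicate session identifier, rebinding after an authentication binding).
The signature check is an assumption for this demo: a keyed MAC over the session
identifier stands in for a real host-key signature so the example runs without an
SSH key library; the host keys and session identifiers are constructed values.

```python
# Added example, not OpenSSH code: session-bind@openssh.com encode/parse and
# the agent-side binding rules. demo_sign/demo_verify are a stand-in for a
# real host-key signature (assumption), not how ssh/ssh-agent sign or verify.
import hashlib
import hmac
import struct

SSH_AGENTC_EXTENSION = 0x1b
EXT_NAME = b"session-bind@openssh.com"


def ssh_string(b: bytes) -> bytes:
    """SSH wire 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b


def read_string(buf: bytes, off: int):
    """Decode one SSH 'string' at offset, returning (value, new_offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string")
    return buf[off:off + n], off + n


def build_session_bind(hostkey, session_id, signature, is_forwarding):
    """Client side: SSH_AGENTC_EXTENSION message body from the layout above."""
    return (bytes([SSH_AGENTC_EXTENSION]) + ssh_string(EXT_NAME)
            + ssh_string(hostkey) + ssh_string(session_id)
            + ssh_string(signature) + bytes([1 if is_forwarding else 0]))


def parse_session_bind(msg):
    """Agent side: strict parse; rejects wrong type, wrong name, bad length."""
    if not msg or msg[0] != SSH_AGENTC_EXTENSION:
        raise ValueError("not an SSH_AGENTC_EXTENSION message")
    name, off = read_string(msg, 1)
    if name != EXT_NAME:
        raise ValueError("unexpected extension name")
    hostkey, off = read_string(msg, off)
    session_id, off = read_string(msg, off)
    signature, off = read_string(msg, off)
    if off + 1 != len(msg):
        raise ValueError("bad message length")
    return hostkey, session_id, signature, msg[off] != 0


def demo_sign(hostkey, session_id):
    """Stand-in signature (assumption): HMAC-SHA256 keyed with the host key."""
    return hmac.new(hostkey, session_id, hashlib.sha256).digest()


def demo_verify(hostkey, session_id, signature):
    return hmac.compare_digest(demo_sign(hostkey, session_id), signature)


class AgentConnection:
    """Bindings recorded for one agent connection, kept for its lifetime."""

    def __init__(self, verify=demo_verify):
        self.verify = verify
        self.bindings = []  # (hostkey, session_id, is_forwarding) in arrival order

    def session_bind(self, msg):
        """Return True if the binding was accepted and recorded, else False."""
        try:
            hostkey, sid, sig, is_forwarding = parse_session_bind(msg)
        except ValueError:
            return False
        if not self.verify(hostkey, sid, sig):
            return False  # signature does not verify under the offered hostkey
        if any(b[1] == sid for b in self.bindings):
            return False  # duplicate session identifier
        if self.bindings and not self.bindings[-1][2]:
            return False  # connection already bound for authentication
        self.bindings.append((hostkey, sid, is_forwarding))
        return True


def demo():
    """Constructed sample: a forwarding hop, then an authentication hop."""
    bastion, target = b"constructed-bastion-hostkey", b"constructed-target-hostkey"
    sid1, sid2, sid3 = (hashlib.sha256(b"kex-%d" % i).digest() for i in (1, 2, 3))
    conn = AgentConnection()
    return [
        conn.session_bind(build_session_bind(bastion, sid1, demo_sign(bastion, sid1), True)),
        conn.session_bind(build_session_bind(bastion, sid1, demo_sign(bastion, sid1), True)),  # dup sid
        conn.session_bind(build_session_bind(target, sid2, b"\x00" * 32, False)),            # bad sig
        conn.session_bind(build_session_bind(target, sid2, demo_sign(target, sid2), False)),
        conn.session_bind(build_session_bind(target, sid3, demo_sign(target, sid3), True)),  # after auth
    ]  # [True, False, False, True, False]
```

demo() returns the agent's verdict for each of the five attempts in order; only
the first forwarding binding and the later authentication binding are recorded.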

2. restrict-destination-v00@openssh.com key constraint extension

The key constraint extension supports destination- and forwarding path-
restricted keys. It may be attached as a constraint when keys or
smartcard keys are added to an agent.

	byte		SSH_AGENT_CONSTRAIN_EXTENSION (0xff)
	string		restrict-destination-v00@openssh.com
	constraint[]	constraints

Where a constraint consists of:

	string		from_username (must be empty)
	string		from_hostname
	string		reserved
	keyspec[]	from_hostkeys
	string		to_username
	string		to_hostname
	string		reserved
	keyspec[]	to_hostkeys
	string		reserved

And a keyspec consists of:

	string		keyblob
	bool		is_ca

When receiving this message, the agent will ensure that the
'from_username' field is empty, and that 'to_hostname' and 'to_hostkeys'
have been supplied (empty 'from_hostname' and 'from_hostkeys' are valid
and signify the initial hop from the host running ssh-agent). The agent
will then record the constraint against the key.

Subsequent operations on this key, including add/remove/request
identities and, in particular, signature requests, will check the key
constraints against the session-bind@openssh.com bindings recorded for
the agent connection over which they were received.

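The following is an added example and not OpenSSH code: it encodes and parses
the restrict-destination-v00@openssh.com constraint, applies the acceptance
checks named above (empty 'from_username', 'to_hostname' and 'to_hostkeys'
present), and then evaluates a recorded session-bind path against the
constraints. Two assumptions are made: each `[]` array is carried as one SSH
string holding its elements, with each constraint itself string-wrapped (the
page does not spell out the array encoding), and the path check is a simplified
model that matches host keys by exact blob and ignores 'is_ca', so it is not
ssh-agent's own algorithm. The host keys and hostnames are constructed values.

```python
# Added example, not OpenSSH code. Array encoding and the path-matching
# model are assumptions (see lead-in); is_ca is parsed but not used.
import struct

SSH_AGENT_CONSTRAIN_EXTENSION = 0xff
EXT_NAME = b"restrict-destination-v00@openssh.com"


def ssh_string(b):
    return struct.pack(">I", len(b)) + b


def read_string(buf, off):
    if off + 4 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string")
    return buf[off:off + n], off + n


def encode_keyspecs(specs):
    """keyspec[]: concatenated (string keyblob, bool is_ca), wrapped as one string."""
    return ssh_string(b"".join(ssh_string(k) + bytes([1 if ca else 0]) for k, ca in specs))


def parse_keyspecs(blob):
    specs, off = [], 0
    while off < len(blob):
        key, off = read_string(blob, off)
        if off >= len(blob):
            raise ValueError("keyspec missing is_ca")
        specs.append((key, blob[off] != 0))
        off += 1
    return specs


def encode_constraint(from_hostname, from_hostkeys, to_username, to_hostname, to_hostkeys):
    """One constraint in field order; from_username and the reserved fields are empty."""
    body = (ssh_string(b"") + ssh_string(from_hostname) + ssh_string(b"")
            + encode_keyspecs(from_hostkeys)
            + ssh_string(to_username) + ssh_string(to_hostname) + ssh_string(b"")
            + encode_keyspecs(to_hostkeys) + ssh_string(b""))
    return ssh_string(body)


def encode_extension(constraints):
    return (bytes([SSH_AGENT_CONSTRAIN_EXTENSION]) + ssh_string(EXT_NAME)
            + ssh_string(b"".join(constraints)))


def parse_constraint(c):
    """Agent's checks: from_username empty; to_hostname and to_hostkeys supplied."""
    fields, off = [], 0
    for _ in range(9):
        s, off = read_string(c, off)
        fields.append(s)
    if off != len(c):
        raise ValueError("trailing data in constraint")
    from_user, from_host, _, from_keys, to_user, to_host, _, to_keys, _ = fields
    if from_user != b"":
        raise ValueError("from_username must be empty")
    to_specs = parse_keyspecs(to_keys)
    if to_host == b"" or not to_specs:
        raise ValueError("to_hostname and to_hostkeys are required")
    return {"from_hostname": from_host, "from_hostkeys": parse_keyspecs(from_keys),
            "to_username": to_user, "to_hostname": to_host, "to_hostkeys": to_specs}


def parse_extension(msg):
    if not msg or msg[0] != SSH_AGENT_CONSTRAIN_EXTENSION:
        raise ValueError("not a constraint extension")
    name, off = read_string(msg, 1)
    if name != EXT_NAME:
        raise ValueError("unexpected extension name")
    arr, off = read_string(msg, off)
    if off != len(msg):
        raise ValueError("trailing data")
    constraints, i = [], 0
    while i < len(arr):
        c, i = read_string(arr, i)
        constraints.append(parse_constraint(c))
    return constraints


def constraint_accepted(msg):
    """The agent's verdict on an incoming constraint message."""
    try:
        parse_extension(msg)
        return True
    except ValueError:
        return False


def hop_allowed(constraints, prev_hostkey, next_hostkey):
    """prev_hostkey None = initial hop from the agent host (empty from_hostkeys)."""
    for c in constraints:
        from_ok = ((prev_hostkey is None and not c["from_hostkeys"])
                   or any(k == prev_hostkey for k, _ in c["from_hostkeys"]))
        if from_ok and any(k == next_hostkey for k, _ in c["to_hostkeys"]):
            return True
    return False


def path_permitted(constraints, bindings):
    """bindings: (hostkey, is_forwarding) as recorded by session-bind, in order.
    Model's choice: a constrained key is unusable on a connection with no bindings."""
    if not bindings:
        return False
    prev = None
    for hostkey, _ in bindings:
        if not hop_allowed(constraints, prev, hostkey):
            return False
        prev = hostkey
    return True


def demo():
    """Constructed sample: the key may travel agent host -> bastion -> target only."""
    bastion, target = b"constructed-bastion-hostkey", b"constructed-target-hostkey"
    msg = encode_extension([
        encode_constraint(b"", [], b"", b"bastion.example", [(bastion, False)]),
        encode_constraint(b"bastion.example", [(bastion, False)], b"deploy",
                          b"target.example", [(target, False)]),
    ])
    constraints = parse_extension(msg)
    return (path_permitted(constraints, [(bastion, True), (target, False)]),   # True
            path_permitted(constraints, [(target, False)]),                    # False
            path_permitted(constraints, [(bastion, True), (bastion, False)]))  # False
```

In demo() the second path fails because it reaches the target without passing
through the bastion, and the third fails because no constraint permits a hop
from the bastion back to itself.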
3. SSH_AGENT_CONSTRAIN_MAXSIGN key constraint

This key constraint communicates to an agent the maximum number of
signatures that may be made with an XMSS key. The format of the
constraint is:

	byte		SSH_AGENT_CONSTRAIN_MAXSIGN (0x03)
	uint32		max_signatures

This option is only valid for XMSS keys.

4. associated-certs-v00@openssh.com key constraint extension

The key constraint extension allows certificates to be associated
with private keys as they are loaded from a PKCS#11 token.

	byte		SSH_AGENT_CONSTRAIN_EXTENSION (0xff)
	string		associated-certs-v00@openssh.com
	bool		certs_only
	string		certsblob

Where "certsblob" consists of one or more certificates encoded as public
key blobs:

	string[]	certificates

This extension is only valid for SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED
requests. When an agent receives this extension, it will attempt to match
each certificate in the request with a corresponding private key loaded
from the requested PKCS#11 token. When a matching key is found, the
agent will graft the certificate contents to the token-hosted private key
and store the result for subsequent use by regular agent operations.

If the "certs_only" flag is set, then this extension will cause ONLY
the resultant certificates to be loaded to the agent. The default
behaviour is to load the PKCS#11-hosted private key as well as the
resultant certificate.
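The following is an added example and not OpenSSH code: it encodes and parses
the associated-certs-v00@openssh.com extension and models how an agent pairs
each certificate in 'certsblob' with a key found on the token, honouring
'certs_only' and returning SSH_AGENT_SUCCESS only when something was loaded.
Assumptions: only ssh-ed25519 keys and ssh-ed25519-cert-v01@openssh.com
certificates are handled, a certificate matches a token key when the public
key embedded in the certificate blob equals the token key's public key, and
the key material and certificate contents are constructed (the certificate's
trailing fields are zero-filled, and it carries no real CA signature).

```python
# Added example, not OpenSSH code. The pairing rule (compare embedded public
# key) and the constructed ed25519 sample blobs are assumptions for this demo.
import struct

SSH_AGENT_CONSTRAIN_EXTENSION = 0xff
EXT_NAME = b"associated-certs-v00@openssh.com"
SSH_AGENT_FAILURE, SSH_AGENT_SUCCESS = 5, 6   # response numbers from the agent draft


def ssh_string(b):
    return struct.pack(">I", len(b)) + b


def read_string(buf, off):
    if off + 4 > len(buf):
        raise ValueError("truncated length")
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string")
    return buf[off:off + n], off + n


def encode_extension(certs_only, certificates):
    """certsblob is the concatenation of the certificate blobs as strings."""
    certsblob = b"".join(ssh_string(c) for c in certificates)
    return (bytes([SSH_AGENT_CONSTRAIN_EXTENSION]) + ssh_string(EXT_NAME)
            + bytes([1 if certs_only else 0]) + ssh_string(certsblob))


def parse_extension(msg):
    if not msg or msg[0] != SSH_AGENT_CONSTRAIN_EXTENSION:
        raise ValueError("not a constraint extension")
    name, off = read_string(msg, 1)
    if name != EXT_NAME:
        raise ValueError("unexpected extension name")
    certs_only = msg[off] != 0
    certsblob, off = read_string(msg, off + 1)
    if off != len(msg):
        raise ValueError("trailing data")
    certs, i = [], 0
    while i < len(certsblob):
        c, i = read_string(certsblob, i)
        certs.append(c)
    if not certs:
        raise ValueError("certsblob must hold at least one certificate")
    return certs_only, certs


def ed25519_blob(pk):
    """Plain public key blob: string "ssh-ed25519", string pk."""
    return ssh_string(b"ssh-ed25519") + ssh_string(pk)


def ed25519_cert_blob(pk, nonce, key_id):
    """Constructed certificate blob in PROTOCOL.certkeys field order: type, nonce,
    pk, serial, type, key id, principals, valid after/before, then five strings
    (critical options, extensions, reserved, signature key, signature) left empty."""
    return (ssh_string(b"ssh-ed25519-cert-v01@openssh.com") + ssh_string(nonce)
            + ssh_string(pk) + struct.pack(">QI", 0, 1) + ssh_string(key_id)
            + ssh_string(b"") + struct.pack(">QQ", 0, 2 ** 64 - 1)
            + ssh_string(b"") * 5)


def public_part(blob):
    """(algorithm, pk) for a plain or certified ed25519 blob."""
    ktype, off = read_string(blob, 0)
    if ktype == b"ssh-ed25519-cert-v01@openssh.com":
        _nonce, off = read_string(blob, off)   # skip the certificate nonce
    elif ktype != b"ssh-ed25519":
        raise ValueError("unsupported key type %r" % ktype)
    pk, _ = read_string(blob, off)
    return b"ssh-ed25519", pk


def add_smartcard_key_constrained(token_keys, msg):
    """token_keys: plain public blobs of the keys found on the requested token.
    Returns (response code, identities the agent would now hold)."""
    certs_only, certs = parse_extension(msg)
    loaded = [] if certs_only else list(token_keys)
    for cert in certs:
        cert_pk = public_part(cert)
        if any(public_part(k) == cert_pk for k in token_keys):
            loaded.append(cert)   # certificate grafted onto the matching token key
    return (SSH_AGENT_SUCCESS if loaded else SSH_AGENT_FAILURE), loaded


def demo():
    pk_a, pk_b = b"A" * 32, b"B" * 32   # constructed, not real Ed25519 public keys
    token = [ed25519_blob(pk_a)]
    cert_a = ed25519_cert_blob(pk_a, b"n1", b"constructed-user-cert")
    cert_b = ed25519_cert_blob(pk_b, b"n2", b"cert-for-key-not-on-token")
    both = add_smartcard_key_constrained(token, encode_extension(False, [cert_a, cert_b]))
    only = add_smartcard_key_constrained(token, encode_extension(True, [cert_a, cert_b]))
    none = add_smartcard_key_constrained(token, encode_extension(True, [cert_b]))
    return both, only, none   # SUCCESS with key+cert, SUCCESS with cert only, FAILURE
```

In demo() the certificate for a key that is not on the token is never loaded;
with certs_only set and no matching certificate, nothing is loaded and the
request fails.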

An SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED request will return SSH_AGENT_SUCCESS
if any key (plain private or certificate) was successfully loaded, or
SSH_AGENT_FAILURE if no key was loaded.

$OpenBSD: PROTOCOL.agent,v 1.23 2024/04/30 05:45:56 djm Exp $