Specification for agent protocol

Damien Miller <djm@mindrot.org> Tue, 24 May 2016 07:29 UTC

Date: Tue, 24 May 2016 17:29:06 +1000
From: Damien Miller <djm@mindrot.org>
To: ietf-ssh@netbsd.org
Subject: Specification for agent protocol
Message-ID: <alpine.BSO.2.20.1605241721550.16569@natsu.mindrot.org>

Hi,

A few people have asked over the years for a proper specification of the
agent protocol that most SSH implementations support. I've maintained
the PROTOCOL.agent file[1] in the OpenSSH source distribution as a
half-assed standard for some time, but I think that the protocol is
widely used enough to warrant an actual RFC.

So I've converted the half-assed documentation into something
a little bit more formal and published it as an I-D at
https://tools.ietf.org/html/draft-miller-ssh-agent-00

This is pretty much exactly the protocol as OpenSSH implements it. The
main changes from PROTOCOL.agent (for those who are familiar with it)
are removal of SSH v.1 bits and adding a couple of backwards-compatible
extension mechanisms to support user@domain.org-style extensibility.

I'd welcome any feedback and/or assistance in getting it completed and
published. Thanks to Simon Tatham for reviewing an earlier version.

-d

[1] https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.agent
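As an added illustration of the wire format the draft describes (this is example code, not part of the mail, the I-D or OpenSSH): agent messages are a uint32 length prefix, a one-byte message type and a body, and the backwards-compatible extension mechanism carries a user@domain.org-style name as an SSH "string". The message numbers are taken from draft-miller-ssh-agent, not from the mail itself; the extension name, the size bound and the no-key stub agent are constructed for the example, and answering an unsupported extension with SSH_AGENT_FAILURE is the behaviour assumed here.

```python
import struct

# Message numbers as given in draft-miller-ssh-agent (not quoted in the mail itself).
SSH_AGENT_FAILURE = 5
SSH_AGENTC_REQUEST_IDENTITIES = 11
SSH_AGENT_IDENTITIES_ANSWER = 12
SSH_AGENTC_EXTENSION = 27
MAX_AGENT_MSG = 256 * 1024  # defensive upper bound on one frame; our choice, not the draft's

def put_string(b: bytes) -> bytes:
    """SSH wire 'string': uint32 big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b

def get_string(buf: bytes, off: int):
    """Parse one 'string' at offset; fail closed on truncation rather than read past the end."""
    if off + 4 > len(buf):
        raise ValueError("truncated string length")
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("string length exceeds message")
    return buf[off + 4:off + 4 + n], off + 4 + n

def frame(msg_type: int, payload: bytes = b"") -> bytes:
    """Agent framing: uint32 length, then a byte message type, then the body."""
    body = bytes([msg_type]) + payload
    return struct.pack(">I", len(body)) + body

def unframe(data: bytes):
    """Split off one framed message as (type, payload, rest), validating the length prefix."""
    if len(data) < 5:
        raise ValueError("short message")
    (length,) = struct.unpack_from(">I", data, 0)
    if length < 1 or length > MAX_AGENT_MSG or 4 + length > len(data):
        raise ValueError("bad or truncated length %d" % length)
    return data[4], data[5:4 + length], data[4 + length:]

def extension_request(name: str, ext_payload: bytes = b"") -> bytes:
    """SSH_AGENTC_EXTENSION carrying a user@domain.org-style extension name."""
    return frame(SSH_AGENTC_EXTENSION, put_string(name.encode()) + ext_payload)

def agent_reply(request: bytes) -> bytes:
    """Minimal agent holding no keys (a constructed stand-in, not OpenSSH's ssh-agent)."""
    msg_type, payload, _ = unframe(request)
    if msg_type == SSH_AGENTC_REQUEST_IDENTITIES:
        return frame(SSH_AGENT_IDENTITIES_ANSWER, struct.pack(">I", 0))  # zero keys follow
    if msg_type == SSH_AGENTC_EXTENSION:
        get_string(payload, 0)  # the extension name must at least parse cleanly
    # No extensions implemented here, so extensions and unknown types get a generic failure.
    return frame(SSH_AGENT_FAILURE)
```

A client that knows the extension name checks for SSH_AGENT_FAILURE and falls back to the base protocol, which is what keeps the mechanism backwards compatible with agents that predate it.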