This documentation is based on sshkey_private_serialize() in sshkey.c, which is eventually called by ssh-add. --- PROTOCOL.agent | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/PROTOCOL.agent b/PROTOCOL.agent index c386d16..5188225 100644 --- a/PROTOCOL.agent +++ b/PROTOCOL.agent @@ -252,13 +252,34 @@ RSA certificates may be added with this request: string key_comment constraint[] key_constraints +ED25519 keys may be added with this request: + + byte SSH2_AGENTC_ADD_IDENTITY or + SSH2_AGENTC_ADD_ID_CONSTRAINED + string "ssh-ed25519" + mpint ed25519_pk + mpint ed25519_sk + string key_comment + constraint[] key_constraints + +ED25519 certificates may be added with this request: + + byte SSH2_AGENTC_ADD_IDENTITY or + SSH2_AGENTC_ADD_ID_CONSTRAINED + string "ssh-ed25519-cert-v01@xxxxxxxxxxx" + string certificate + mpint ed25519_pk + mpint ed25519_sk + string key_comment + constraint[] key_constraints + Note that the 'rsa_p' and 'rsa_q' parameters are sent in the reverse order to the protocol 1 add keys message. As with the corresponding protocol 1 "add key" request, the private key is overspecified to avoid redundant processing. -For DSA, ECDSA and RSA key add requests, "key_constraints" may only be -present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. +For DSA, ECDSA, RSA, and ED25519 key add requests, "key_constraints" may +only be present if the request type is SSH2_AGENTC_ADD_ID_CONSTRAINED. The agent will reply with a SSH_AGENT_SUCCESS if the key has been successfully added or a SSH_AGENT_FAILURE if an error occurred. -- 2.8.1 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
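Review bot: In both new ED25519 request blocks, ed25519_pk and ed25519_sk are typed as "mpint", but Ed25519 public and secret keys are fixed-length opaque byte strings, not multi-precision integers. An mpint encoding strips leading zero bytes and prepends a sign-padding byte when the high bit is set, so the field length would vary with the key value and a reader implementing from this text would produce requests the agent cannot parse. Please check the field types against sshkey_private_serialize(), which the commit message names as the source, and if it writes these fields as strings, change the lines to "string ed25519_pk" and "string ed25519_sk". Separately, the new blocks are inserted above the 'rsa_p' and 'rsa_q' note, which now follows the ED25519 certificate request instead of the RSA requests it describes; placing the ED25519 blocks after that paragraph would keep the note attached to the RSA text.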