| rfc9987v1.txt | rfc9987.txt | |||
|---|---|---|---|---|
| skipping to change at line 247 ¶ | skipping to change at line 247 ¶ | |||
| Otherwise, an agent MAY refuse to load a key that has already been | Otherwise, an agent MAY refuse to load a key that has already been | |||
| loaded. | loaded. | |||
| An agent MAY support only a subset of the key types defined here and | An agent MAY support only a subset of the key types defined here and | |||
| MAY support additional key types as described below. If an agent | MAY support additional key types as described below. If an agent | |||
| does not recognise the type name in a request to add a key, then it | does not recognise the type name in a request to add a key, then it | |||
| MUST respond with an SSH_AGENT_FAILURE reply. | MUST respond with an SSH_AGENT_FAILURE reply. | |||
| 5.2.1. DSA Keys | 5.2.1. DSA Keys | |||
| Digital Signature Algorithm (DSA) keys have key type "ssh-dss" and | Digital Signature Algorithm (DSA) keys have key type name "ssh-dss" | |||
| are defined in [RFC4253]. They may be added to the agent using the | and are defined in [RFC4253]. They may be added to the agent using | |||
| following message. The "constraints" field is only present for the | the following message. The "constraints" field is only present for | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED message. | the SSH_AGENTC_ADD_ID_CONSTRAINED message. | |||
| byte SSH_AGENTC_ADD_IDENTITY or | byte SSH_AGENTC_ADD_IDENTITY or | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED | SSH_AGENTC_ADD_ID_CONSTRAINED | |||
| string "ssh-dss" | string "ssh-dss" | |||
| mpint p | mpint p | |||
| mpint q | mpint q | |||
| mpint g | mpint g | |||
| mpint y | mpint y | |||
| mpint x | mpint x | |||
| string comment | string comment | |||
| skipping to change at line 305 ¶ | skipping to change at line 305 ¶ | |||
| byte SSH_AGENTC_ADD_IDENTITY or | byte SSH_AGENTC_ADD_IDENTITY or | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED | SSH_AGENTC_ADD_ID_CONSTRAINED | |||
| string "ssh-ed25519" or "ssh-ed448" | string "ssh-ed25519" or "ssh-ed448" | |||
| string ENC(A) | string ENC(A) | |||
| string k || ENC(A) | string k || ENC(A) | |||
| string comment | string comment | |||
| constraint[] constraints | constraint[] constraints | |||
| The first value is the EdDSA public key ENC(A). The second value is | The first value is the EdDSA public key ENC(A). The second value is | |||
| a concatenation of the private key k and the public ENC(A) key (this | a concatenation of the private key k and the public ENC(A) key (this | |||
| redundant repetition of the public key is to maintain compatibility | repetition of the public key is to maintain compatibility with widely | |||
| with widely deployed implementations). The contents and | deployed implementations). The contents and interpretation of the | |||
| interpretation of the ENC(A) and k values are defined by Section 3.2 | ENC(A) and k values are defined by Section 3.2 of [RFC8032]. | |||
| of [RFC8032]. | ||||
| 5.2.4. RSA Keys | 5.2.4. RSA Keys | |||
| RSA keys have key type "ssh-rsa" and are defined in [RFC4253]. They | RSA keys have key type name "ssh-rsa" and are defined in [RFC4253]. | |||
| may be added to the agent using the following message. The | They may be added to the agent using the following message. The | |||
| "constraints" field is only present for the | "constraints" field is only present for the | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED message. | SSH_AGENTC_ADD_ID_CONSTRAINED message. | |||
| byte SSH_AGENTC_ADD_IDENTITY or | byte SSH_AGENTC_ADD_IDENTITY or | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED | SSH_AGENTC_ADD_ID_CONSTRAINED | |||
| string "ssh-rsa" | string "ssh-rsa" | |||
| mpint n | mpint n | |||
| mpint e | mpint e | |||
| mpint d | mpint d | |||
| mpint iqmp | mpint iqmp | |||
| skipping to change at line 487 ¶ | skipping to change at line 486 ¶ | |||
| byte SSH_AGENTC_REMOVE_SMARTCARD_KEY | byte SSH_AGENTC_REMOVE_SMARTCARD_KEY | |||
| string token id | string token id | |||
| string PIN | string PIN | |||
| Where "token id" is an opaque identifier for the hardware token and | Where "token id" is an opaque identifier for the hardware token and | |||
| "PIN" is an optional password or PIN (not typically used), both | "PIN" is an optional password or PIN (not typically used), both | |||
| encoded using UTF-8. Requesting deletion of token-hosted keys SHOULD | encoded using UTF-8. Requesting deletion of token-hosted keys SHOULD | |||
| cause the agent to remove all keys it loaded from the device matching | cause the agent to remove all keys it loaded from the device matching | |||
| "token id". Similarly to SSH_AGENTC_REMOVE_ALL_IDENTITIES, agents | "token id". Similarly to SSH_AGENTC_REMOVE_ALL_IDENTITIES, agents | |||
| SHOULD honour this request regardless of local policy to allow fast | SHOULD honour this request regardless of local policy to allow fast | |||
| and complete removal of keys. Note: this operation affects the agent | and complete removal of keys. Removing a token-hosted key affects | |||
| only; it SHOULD NOT cause the keys be deleted from the token itself. | the agent only; it SHOULD NOT cause the keys be deleted from the | |||
| token itself. | ||||
| An agent MUST reply with SSH_AGENT_SUCCESS if the keys were deleted | An agent MUST reply with SSH_AGENT_SUCCESS if the keys were deleted | |||
| or SSH_AGENT_FAILURE if none were found. | or SSH_AGENT_FAILURE if none were found. | |||
| 5.5. Requesting a List of Keys | 5.5. Requesting a List of Keys | |||
| A client may request a list of keys from an agent using the following | A client may request a list of keys from an agent using the following | |||
| message: | message: | |||
| byte SSH_AGENTC_REQUEST_IDENTITIES | byte SSH_AGENTC_REQUEST_IDENTITIES | |||
| skipping to change at line 654 ¶ | skipping to change at line 654 ¶ | |||
| In both cases, it is common to expose the name or address of the | In both cases, it is common to expose the name or address of the | |||
| listening endpoint via an environment variable named "SSH_AUTH_SOCK". | listening endpoint via an environment variable named "SSH_AUTH_SOCK". | |||
| Clients of an agent will use this variable to locate and connect to | Clients of an agent will use this variable to locate and connect to | |||
| the listening agent. Alternatively, agents MAY use an implicit | the listening agent. Alternatively, agents MAY use an implicit | |||
| mechanism for clients to locate their endpoint, such as a default | mechanism for clients to locate their endpoint, such as a default | |||
| per-user location. | per-user location. | |||
| 7. Forwarding Access to an Agent | 7. Forwarding Access to an Agent | |||
| The agent protocol may be forwarded over an SSH connection, using the | Using the connection protocol described in [RFC4254], the agent | |||
| [RFC4254] connection protocol, allowing agent forwarding to be | protocol may be forwarded over an SSH connection. This allows agent | |||
| requested for any session channel, using a model that is similar to | forwarding to be requested for any session channel using a model that | |||
| the connection protocol's support for X11 Forwarding (Section 6.3 of | is similar to the connection protocol's support for X11 Forwarding | |||
| [RFC4254]). This feature is OPTIONAL for the SSH protocol and agent | (Section 6.3 of [RFC4254]). This feature is OPTIONAL for the SSH | |||
| implementations. | protocol and agent implementations. | |||
| 7.1. Advertising Agent Forwarding Support | 7.1. Advertising Agent Forwarding Support | |||
| Support for agent forwarding may be advertised by an SSH server using | Support for agent forwarding may be advertised by an SSH server using | |||
| the extension mechanism described in [RFC8308] using the name "agent- | the extension mechanism described in [RFC8308] using the name "agent- | |||
| forward" in the SSH_MSG_EXT_INFO message. | forward" in the SSH_MSG_EXT_INFO message. | |||
| string "agent-forward" | string "agent-forward" | |||
| string "0" (version) | string "0" (version) | |||
| skipping to change at line 734 ¶ | skipping to change at line 734 ¶ | |||
| As above, the "agent-connect" open type name SHOULD only be used if | As above, the "agent-connect" open type name SHOULD only be used if | |||
| support was explicitly advertised as per Section 7.1. | support was explicitly advertised as per Section 7.1. | |||
| An SSH client SHOULD be prepared to handle multiple concurrent | An SSH client SHOULD be prepared to handle multiple concurrent | |||
| forwarded connections to a client-side agent; otherwise, requests to | forwarded connections to a client-side agent; otherwise, requests to | |||
| access the agent from the remote side that happen to overlap prior | access the agent from the remote side that happen to overlap prior | |||
| requests may fail. Overlapping requests may occur because the SSH | requests may fail. Overlapping requests may occur because the SSH | |||
| connection protocol [RFC4254] allows multiple user sessions over a | connection protocol [RFC4254] allows multiple user sessions over a | |||
| single transport (see [RFC4253]), which may each request use of the | single transport (see [RFC4253]), which may each request use of the | |||
| agentcw independently and potentially concurrently. | agent independently and potentially concurrently. | |||
| An SSH client MAY accept agent connection requests (subject to | An SSH client MAY accept agent connection requests (subject to | |||
| authorisation) without a prior agent forwarding request having been | authorisation) without a prior agent forwarding request having been | |||
| made to support the situation where agent forwarding without opening | made to support the situation where agent forwarding without opening | |||
| a session is desired. Similarly, an SSH client MAY continue to | a session is desired. Similarly, an SSH client MAY continue to | |||
| accept agent connection requests after the session for which agent | accept agent connection requests after the session for which agent | |||
| forwarding was requested has closed. | forwarding was requested has closed. | |||
| An SSH client MUST refuse unauthorised agent connection requests, | An SSH client MUST refuse unauthorised agent connection requests, | |||
| when agent forwarding is neither requested nor desired by the SSH | when agent forwarding is neither requested nor desired by the SSH | |||
| skipping to change at line 760 ¶ | skipping to change at line 760 ¶ | |||
| client-side agent using this protocol (although there may be multiple | client-side agent using this protocol (although there may be multiple | |||
| concurrent connections to that single agent). | concurrent connections to that single agent). | |||
| 8. Protocol Numbers | 8. Protocol Numbers | |||
| 8.1. Message Type Numbers | 8.1. Message Type Numbers | |||
| The following numbers are used as message types for requests from the | The following numbers are used as message types for requests from the | |||
| client to the agent. | client to the agent. | |||
| SSH_AGENTC_REQUEST_IDENTITIES 11 | +------------------------------------------+----+ | |||
| SSH_AGENTC_SIGN_REQUEST 13 | | SSH_AGENTC_REQUEST_IDENTITIES | 11 | | |||
| SSH_AGENTC_ADD_IDENTITY 17 | +------------------------------------------+----+ | |||
| SSH_AGENTC_REMOVE_IDENTITY 18 | | SSH_AGENTC_SIGN_REQUEST | 13 | | |||
| SSH_AGENTC_REMOVE_ALL_IDENTITIES 19 | +------------------------------------------+----+ | |||
| SSH_AGENTC_ADD_SMARTCARD_KEY 20 | | SSH_AGENTC_ADD_IDENTITY | 17 | | |||
| SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 | +------------------------------------------+----+ | |||
| SSH_AGENTC_LOCK 22 | | SSH_AGENTC_REMOVE_IDENTITY | 18 | | |||
| SSH_AGENTC_UNLOCK 23 | +------------------------------------------+----+ | |||
| SSH_AGENTC_ADD_ID_CONSTRAINED 25 | | SSH_AGENTC_REMOVE_ALL_IDENTITIES | 19 | | |||
| SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26 | +------------------------------------------+----+ | |||
| SSH_AGENTC_EXTENSION 27 | | SSH_AGENTC_ADD_SMARTCARD_KEY | 20 | | |||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_REMOVE_SMARTCARD_KEY | 21 | | ||||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_LOCK | 22 | | ||||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_UNLOCK | 23 | | ||||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_ADD_ID_CONSTRAINED | 25 | | ||||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED | 26 | | ||||
| +------------------------------------------+----+ | ||||
| | SSH_AGENTC_EXTENSION | 27 | | ||||
| +------------------------------------------+----+ | ||||
| Table 1 | ||||
| The following numbers are used as message types for replies from the | The following numbers are used as message types for replies from the | |||
| agent to the client. | agent to the client. | |||
| SSH_AGENT_FAILURE 5 | +------------------------------+----+ | |||
| SSH_AGENT_SUCCESS 6 | | SSH_AGENT_FAILURE | 5 | | |||
| SSH_AGENT_IDENTITIES_ANSWER 12 | +------------------------------+----+ | |||
| SSH_AGENT_SIGN_RESPONSE 14 | | SSH_AGENT_SUCCESS | 6 | | |||
| SSH_AGENT_EXTENSION_FAILURE 28 | +------------------------------+----+ | |||
| SSH_AGENT_EXTENSION_RESPONSE 29 | | SSH_AGENT_IDENTITIES_ANSWER | 12 | | |||
| +------------------------------+----+ | ||||
| | SSH_AGENT_SIGN_RESPONSE | 14 | | ||||
| +------------------------------+----+ | ||||
| | SSH_AGENT_EXTENSION_FAILURE | 28 | | ||||
| +------------------------------+----+ | ||||
| | SSH_AGENT_EXTENSION_RESPONSE | 29 | | ||||
| +------------------------------+----+ | ||||
| Table 2 | ||||
| 8.1.1. Reserved Message Type Numbers | 8.1.1. Reserved Message Type Numbers | |||
| The following message type numbers are reserved for implementations | The following message type numbers are reserved for implementations | |||
| that implement support for the legacy SSH protocol version 1: 1-4, | that implement support for the legacy SSH protocol version 1: 1-4, | |||
| 7-10, 15-16, and 24 (inclusive). These message numbers MAY be used | 7-10, 15-16, and 24 (inclusive). These message numbers MAY be used | |||
| by an implementation supporting the legacy protocol but MUST NOT be | by an implementation supporting the legacy protocol but MUST NOT be | |||
| reused otherwise. | reused otherwise. | |||
| Message number 0 is also reserved and MUST NOT be used. | Message number 0 is also reserved and MUST NOT be used. | |||
| The range of message numbers 240-255 is reserved for Private Use | The range of message numbers 240-255 is reserved for Private Use | |||
| extensions to the agent protocol and MUST NOT be used by generic | extensions to the agent protocol and MUST NOT be used by generic | |||
| implementations (see [RFC8126] for more information on Private Use). | implementations (see [RFC8126] for more information on Private Use). | |||
| 8.2. Constraint Identifiers | 8.2. Constraint Identifiers | |||
| The following numbers are used to identify key constraints. These | The following numbers are used to identify key constraints. These | |||
| are only used in key constraints and are not sent as message numbers. | are only used in key constraints and are not sent as message numbers. | |||
| SSH_AGENT_CONSTRAIN_LIFETIME 1 | +-------------------------------+-----+ | |||
| SSH_AGENT_CONSTRAIN_CONFIRM 2 | | SSH_AGENT_CONSTRAIN_LIFETIME | 1 | | |||
| SSH_AGENT_CONSTRAIN_EXTENSION 255 | +-------------------------------+-----+ | |||
| | SSH_AGENT_CONSTRAIN_CONFIRM | 2 | | ||||
| +-------------------------------+-----+ | ||||
| | SSH_AGENT_CONSTRAIN_EXTENSION | 255 | | ||||
| +-------------------------------+-----+ | ||||
| Table 3 | ||||
| The constraint identifier 0 is reserved. | The constraint identifier 0 is reserved. | |||
| 8.3. Signature Flags | 8.3. Signature Flags | |||
| The following numbers may be present in signature request | The following numbers may be present in signature request | |||
| (SSH_AGENTC_SIGN_REQUEST) messages. These flags form a bit field by | (SSH_AGENTC_SIGN_REQUEST) messages. These flags form a bit field by | |||
| taking the logical OR of zero or more flags. | taking the logical OR of zero or more flags. | |||
| SSH_AGENT_RSA_SHA2_256 0x00000002 | +------------------------+------------+ | |||
| SSH_AGENT_RSA_SHA2_512 0x00000004 | | SSH_AGENT_RSA_SHA2_256 | 0x00000002 | | |||
| +------------------------+------------+ | ||||
| | SSH_AGENT_RSA_SHA2_512 | 0x00000004 | | ||||
| +------------------------+------------+ | ||||
| Table 4 | ||||
| The flag value 1 is reserved for historical implementations. | The flag value 1 is reserved for historical implementations. | |||
| 9. IANA Considerations | 9. IANA Considerations | |||
| This protocol describes the establishment of five registries: one for | This protocol describes the establishment of five registries: one for | |||
| message type numbers, one for constraint numbers, one for signature | message type numbers, one for constraint numbers, one for signature | |||
| request flags, one for constraint extension names, and one for | request flags, one for constraint extension names, and one for | |||
| extension request names. Additionally, new codepoints are requested | extension request names. Additionally, new codepoints are requested | |||
| in three existing registries. | in three existing registries. | |||
| skipping to change at line 991 ¶ | skipping to change at line 1026 ¶ | |||
| | | | 5.8 and 8.1 | | | | | 5.8 and 8.1 | | |||
| +---------+------------------------------------------+-------------+ | +---------+------------------------------------------+-------------+ | |||
| | 29 | SSH_AGENT_EXTENSION_RESPONSE | RFC 9987, | | | 29 | SSH_AGENT_EXTENSION_RESPONSE | RFC 9987, | | |||
| | | | Sections | | | | | Sections | | |||
| | | | 5.8 and 8.1 | | | | | 5.8 and 8.1 | | |||
| +---------+------------------------------------------+-------------+ | +---------+------------------------------------------+-------------+ | |||
| | 240-255 | Private Use | RFC 9987, | | | 240-255 | Private Use | RFC 9987, | | |||
| | | | Section 8.1 | | | | | Section 8.1 | | |||
| +---------+------------------------------------------+-------------+ | +---------+------------------------------------------+-------------+ | |||
| Table 1 | Table 5 | |||
| 9.3. "SSH Agent Key Constraint Numbers" Registry | 9.3. "SSH Agent Key Constraint Numbers" Registry | |||
| The "SSH Agent Key Constraint Numbers" registry records the message | The "SSH Agent Key Constraint Numbers" registry records the message | |||
| numbers for key use constraints. It is located in the "Secure Shell | numbers for key use constraints. It is located in the "Secure Shell | |||
| (SSH) Protocol Parameters" registry group [IANA-SSH]. Its initial | (SSH) Protocol Parameters" registry group [IANA-SSH]. Its initial | |||
| state is as follows. Future key constraint number allocations shall | state is as follows. Future key constraint number allocations shall | |||
| occur via Expert Review as per [RFC8126]. | occur via Expert Review as per [RFC8126]. | |||
| +========+===============================+=======================+ | +========+===============================+=======================+ | |||
| skipping to change at line 1013 ¶ | skipping to change at line 1048 ¶ | |||
| +========+===============================+=======================+ | +========+===============================+=======================+ | |||
| | 0 | Reserved | RFC 9987, Section 8.2 | | | 0 | Reserved | RFC 9987, Section 8.2 | | |||
| +--------+-------------------------------+-----------------------+ | +--------+-------------------------------+-----------------------+ | |||
| | 1 | SSH_AGENT_CONSTRAIN_LIFETIME | RFC 9987, Section 8.2 | | | 1 | SSH_AGENT_CONSTRAIN_LIFETIME | RFC 9987, Section 8.2 | | |||
| +--------+-------------------------------+-----------------------+ | +--------+-------------------------------+-----------------------+ | |||
| | 2 | SSH_AGENT_CONSTRAIN_CONFIRM | RFC 9987, Section 8.2 | | | 2 | SSH_AGENT_CONSTRAIN_CONFIRM | RFC 9987, Section 8.2 | | |||
| +--------+-------------------------------+-----------------------+ | +--------+-------------------------------+-----------------------+ | |||
| | 255 | SSH_AGENT_CONSTRAIN_EXTENSION | RFC 9987, Section 8.2 | | | 255 | SSH_AGENT_CONSTRAIN_EXTENSION | RFC 9987, Section 8.2 | | |||
| +--------+-------------------------------+-----------------------+ | +--------+-------------------------------+-----------------------+ | |||
| Table 2 | Table 6 | |||
| 9.4. "SSH Agent Key Constraint Extension Names" Registry | 9.4. "SSH Agent Key Constraint Extension Names" Registry | |||
| The "SSH Agent Key Constraint Extension Names" registry records the | The "SSH Agent Key Constraint Extension Names" registry records the | |||
| names used in the SSH_AGENT_CONSTRAIN_EXTENSION constraint extension | names used in the SSH_AGENT_CONSTRAIN_EXTENSION constraint extension | |||
| type (Section 5.2.7.3). It is located in the "Secure Shell (SSH) | type (Section 5.2.7.3). It is located in the "Secure Shell (SSH) | |||
| Protocol Parameters" registry group [IANA-SSH]. Its initial state is | Protocol Parameters" registry group [IANA-SSH]. Its initial state is | |||
| empty. Future key constraint extension name allocations shall occur | empty. Future key constraint extension name allocations shall occur | |||
| via Expert Review as per [RFC8126]. | via Expert Review as per [RFC8126]. | |||
| skipping to change at line 1047 ¶ | skipping to change at line 1082 ¶ | |||
| +========+========================+=======================+ | +========+========================+=======================+ | |||
| | Number | Identifier | Reference | | | Number | Identifier | Reference | | |||
| +========+========================+=======================+ | +========+========================+=======================+ | |||
| | 0x01 | Reserved | RFC 9987, Section 8.3 | | | 0x01 | Reserved | RFC 9987, Section 8.3 | | |||
| +--------+------------------------+-----------------------+ | +--------+------------------------+-----------------------+ | |||
| | 0x02 | SSH_AGENT_RSA_SHA2_256 | RFC 9987, Section 8.3 | | | 0x02 | SSH_AGENT_RSA_SHA2_256 | RFC 9987, Section 8.3 | | |||
| +--------+------------------------+-----------------------+ | +--------+------------------------+-----------------------+ | |||
| | 0x04 | SSH_AGENT_RSA_SHA2_512 | RFC 9987, Section 8.3 | | | 0x04 | SSH_AGENT_RSA_SHA2_512 | RFC 9987, Section 8.3 | | |||
| +--------+------------------------+-----------------------+ | +--------+------------------------+-----------------------+ | |||
| Table 3 | Table 7 | |||
| 9.6. "SSH Agent Extension Request Names" Registry | 9.6. "SSH Agent Extension Request Names" Registry | |||
| The "SSH Agent Extension Request Names" registry records the names | The "SSH Agent Extension Request Names" registry records the names | |||
| used in the generic extension request message (SSH_AGENTC_EXTENSION). | used in the generic extension request message (SSH_AGENTC_EXTENSION). | |||
| It is located in the "Secure Shell (SSH) Protocol Parameters" | It is located in the "Secure Shell (SSH) Protocol Parameters" | |||
| registry group [IANA-SSH]. Its initial state consists of the | registry group [IANA-SSH]. Its initial state consists of the | |||
| following names. | following names. | |||
| Future name allocations shall occur via Expert Review as per | Future name allocations shall occur via Expert Review as per | |||
| [RFC8126]. | [RFC8126]. | |||
| +================+=========================+ | +================+=========================+ | |||
| | Extension Name | Reference | | | Extension Name | Reference | | |||
| +================+=========================+ | +================+=========================+ | |||
| | query | RFC 9987, Section 5.8.1 | | | query | RFC 9987, Section 5.8.1 | | |||
| +----------------+-------------------------+ | +----------------+-------------------------+ | |||
| Table 4 | Table 8 | |||
| 9.7. Additions to the "Extension Names" Registry | 9.7. Additions to the "Extension Names" Registry | |||
| IANA has added the following entries to the "Extension Names" | IANA has added the following entries to the "Extension Names" | |||
| registry [IANA-SSH-EXT] in the "Secure Shell (SSH) Protocol | registry [IANA-SSH-EXT] in the "Secure Shell (SSH) Protocol | |||
| Parameters" registry group [IANA-SSH]. | Parameters" registry group [IANA-SSH]. | |||
| +================+=======================+ | +================+=======================+ | |||
| | Extension Name | Reference | | | Extension Name | Reference | | |||
| +================+=======================+ | +================+=======================+ | |||
| | agent-forward | RFC 9987, Section 7.1 | | | agent-forward | RFC 9987, Section 7.1 | | |||
| +----------------+-----------------------+ | +----------------+-----------------------+ | |||
| Table 5 | Table 9 | |||
| 9.8. Additions to the "Connection Protocol Channel Request Names" | 9.8. Additions to the "Connection Protocol Channel Request Names" | |||
| Registry | Registry | |||
| IANA has added the following entries to the "Connection Protocol | IANA has added the following entries to the "Connection Protocol | |||
| Channel Request Names" registry [IANA-SSH-CHANREQ] in the "Secure | Channel Request Names" registry [IANA-SSH-CHANREQ] in the "Secure | |||
| Shell (SSH) Protocol Parameters" registry group [IANA-SSH]. | Shell (SSH) Protocol Parameters" registry group [IANA-SSH]. | |||
| +==============+=======================+ | +==============+=======================+ | |||
| | Request Type | Reference | | | Request Type | Reference | | |||
| +==============+=======================+ | +==============+=======================+ | |||
| | agent-req | RFC 9987, Section 7.2 | | | agent-req | RFC 9987, Section 7.2 | | |||
| +--------------+-----------------------+ | +--------------+-----------------------+ | |||
| Table 6 | Table 10 | |||
| 9.9. Additions to the "Connection Protocol Channel Types" Registry | 9.9. Additions to the "Connection Protocol Channel Types" Registry | |||
| IANA has added the following entries to the "Connection Protocol | IANA has added the following entries to the "Connection Protocol | |||
| Channel Types" registry [IANA-SSH-CHANTYPE] under the "Secure Shell | Channel Types" registry [IANA-SSH-CHANTYPE] under the "Secure Shell | |||
| (SSH) Protocol Parameters" registry group [IANA-SSH]. | (SSH) Protocol Parameters" registry group [IANA-SSH]. | |||
| +===============+=======================+ | +===============+=======================+ | |||
| | Channel Type | Reference | | | Channel Type | Reference | | |||
| +===============+=======================+ | +===============+=======================+ | |||
| | agent-connect | RFC 9987, Section 7.3 | | | agent-connect | RFC 9987, Section 7.3 | | |||
| +---------------+-----------------------+ | +---------------+-----------------------+ | |||
| Table 7 | Table 11 | |||
| 10. Security Considerations | 10. Security Considerations | |||
| The agent is a service that is tasked with retaining and providing | The agent is a service that is tasked with retaining and providing | |||
| controlled access to what are typically long-lived login | controlled access to what are typically long-lived login | |||
| authentication credentials. It is, by nature, a sensitive and | authentication credentials. It is, by nature, a sensitive and | |||
| trusted software component. Moreover, the agent protocol itself does | trusted software component. Moreover, the agent protocol itself does | |||
| not include any authentication or transport security; ability to | not include any authentication or transport security; ability to | |||
| communicate with an agent is usually sufficient to invoke it to | communicate with an agent is usually sufficient to invoke it to | |||
| perform private key operations. | perform private key operations. | |||
| skipping to change at line 1167 ¶ | skipping to change at line 1202 ¶ | |||
| Forwarding access to a local agent over an SSH connection (Section 7) | Forwarding access to a local agent over an SSH connection (Section 7) | |||
| inherently creates a transitive trust relationship. SSH | inherently creates a transitive trust relationship. SSH | |||
| implementations SHOULD NOT forward use of an agent by default, and | implementations SHOULD NOT forward use of an agent by default, and | |||
| users SHOULD NOT forward use of an agent to hosts that are not fully | users SHOULD NOT forward use of an agent to hosts that are not fully | |||
| trusted, as doing so could expose access to the user's keys to | trusted, as doing so could expose access to the user's keys to | |||
| attackers on remote hosts. Agents SHOULD implement additional | attackers on remote hosts. Agents SHOULD implement additional | |||
| controls over key visibility and use for forwarded agent connections; | controls over key visibility and use for forwarded agent connections; | |||
| otherwise, the user has only an all-or-nothing choice about whether | otherwise, the user has only an all-or-nothing choice about whether | |||
| to forward an agent. | to forward an agent. | |||
| Implementation of token/smartcard-hosted keys requires some care, | Implementation of keys hosted by a token or smartcard requires some | |||
| too. On some systems, tokens may be invoked by providing a path to a | care, too. On some systems, tokens may be invoked by providing a | |||
| shared library that must be loaded to make use of keys hosted on the | path to a shared library that must be loaded to make use of keys | |||
| device (a path to a library for a particular PKCS#11 module, for | hosted on the device (a path to a library for a particular PKCS#11 | |||
| example). Loading a shared library on most platforms implies | module, for example). Loading a shared library on most platforms | |||
| automatic execution of code in that library in the address space of | implies automatic execution of code in that library in the address | |||
| the process that loads it. To avoid the loading of potentially | space of the process that loads it. To avoid the loading of | |||
| hostile code, agents that support loading token-hosted keys via a | potentially hostile code, agents that support loading token-hosted | |||
| library path SHOULD ensure that only trusted token provider libraries | keys via a library path SHOULD ensure that only trusted token | |||
| are loadable. Additionally, agents SHOULD ensure that loaded token | provider libraries are loadable. Additionally, agents SHOULD ensure | |||
| library code cannot gain access to other keys loaded in the agent and | that loaded token library code cannot gain access to other keys | |||
| MAY disallow remote clients from loading token keys entirely. | loaded in the agent and MAY disallow remote clients from loading | |||
| Protection for existing keys from a token library code may be | token keys entirely. Protection for existing keys from a token | |||
| achieved by loading the token library into a separate process to the | library code may be achieved by loading the token library into a | |||
| agent and arranging for the agent to invoke token operations to this | separate process to the agent and arranging for the agent to invoke | |||
| process via IPC. | token operations to this process via IPC. | |||
| Finally, with respect to the agent locking functionality in | Finally, with respect to the agent locking functionality in | |||
| Section 5.7, an agent SHOULD take countermeasures against brute-force | Section 5.7, an agent SHOULD take countermeasures against brute-force | |||
| guessing attacks on the passphrase. This may take the form of | guessing attacks on the passphrase. This may take the form of | |||
| enforced delays when an unlock attempt is made with an incorrect | enforced delays when an unlock attempt is made with an incorrect | |||
| password (potentially increasing for subsequent failures), a lockout | password (potentially increasing for subsequent failures), a lockout | |||
| period where the agent refuses to accept further requests after some | period where the agent refuses to accept further requests after some | |||
| threshold of failed unlock attempts has been made, and/or deletion of | threshold of failed unlock attempts has been made, and/or deletion of | |||
| all keys held by the agent after a threshold of failed unlock | all keys held by the agent after a threshold of failed unlock | |||
| attempts. | attempts. | |||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [FIPS.186-4] | ||||
| NIST, "Digital Signature Standard (DSS)", NIST FIPS 186-4, | ||||
| DOI 10.6028/NIST.FIPS.186-4, June 2013, | ||||
| <https://doi.org/10.6028/NIST.FIPS.186-4>. | ||||
| [FIPS.186-5] | ||||
| NIST, "Digital Signature Standard (DSS)", NIST FIPS 186-5, | ||||
| DOI 10.6028/NIST.FIPS.186-5, February 2023, | ||||
| <https://doi.org/10.6028/NIST.FIPS.186-5>. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC4251] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | [RFC4251] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | |||
| Protocol Architecture", RFC 4251, DOI 10.17487/RFC4251, | Protocol Architecture", RFC 4251, DOI 10.17487/RFC4251, | |||
| January 2006, <https://www.rfc-editor.org/info/rfc4251>. | January 2006, <https://www.rfc-editor.org/info/rfc4251>. | |||
| [RFC4253] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | [RFC4253] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | |||
| skipping to change at line 1243 ¶ | skipping to change at line 1288 ¶ | |||
| [RFC8332] Bider, D., "Use of RSA Keys with SHA-256 and SHA-512 in | [RFC8332] Bider, D., "Use of RSA Keys with SHA-256 and SHA-512 in | |||
| the Secure Shell (SSH) Protocol", RFC 8332, | the Secure Shell (SSH) Protocol", RFC 8332, | |||
| DOI 10.17487/RFC8332, March 2018, | DOI 10.17487/RFC8332, March 2018, | |||
| <https://www.rfc-editor.org/info/rfc8332>. | <https://www.rfc-editor.org/info/rfc8332>. | |||
| [RFC8709] Harris, B. and L. Velvindron, "Ed25519 and Ed448 Public | [RFC8709] Harris, B. and L. Velvindron, "Ed25519 and Ed448 Public | |||
| Key Algorithms for the Secure Shell (SSH) Protocol", | Key Algorithms for the Secure Shell (SSH) Protocol", | |||
| RFC 8709, DOI 10.17487/RFC8709, February 2020, | RFC 8709, DOI 10.17487/RFC8709, February 2020, | |||
| <https://www.rfc-editor.org/info/rfc8709>. | <https://www.rfc-editor.org/info/rfc8709>. | |||
| [FIPS.186-4] | ||||
| NIST, "Digital Signature Standard (DSS)", NIST FIPS 186-4, | ||||
| DOI 10.6028/NIST.FIPS.186-4, June 2013, | ||||
| <https://doi.org/10.6028/NIST.FIPS.186-4>. | ||||
| [FIPS.186-5] | ||||
| NIST, "Digital Signature Standard (DSS)", NIST FIPS 186-5, | ||||
| DOI 10.6028/NIST.FIPS.186-5, February 2023, | ||||
| <https://doi.org/10.6028/NIST.FIPS.186-5>. | ||||
| 11.2. Informative References | 11.2. Informative References | |||
| [RFC4252] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | [IANA-PUBKEYS] | |||
| Authentication Protocol", RFC 4252, DOI 10.17487/RFC4252, | IANA, "Public Key Algorithm Names", | |||
| January 2006, <https://www.rfc-editor.org/info/rfc4252>. | <https://www.iana.org/assignments/ssh-parameters/>. | |||
| [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | [IANA-SSH] IANA, "Secure Shell (SSH) Protocol Parameters", | |||
| Writing an IANA Considerations Section in RFCs", BCP 26, | <https://www.iana.org/assignments/ssh-parameters/>. | |||
| RFC 8126, DOI 10.17487/RFC8126, June 2017, | ||||
| <https://www.rfc-editor.org/info/rfc8126>. | ||||
| [IANA-SSH-CHANREQ] | [IANA-SSH-CHANREQ] | |||
| IANA, "Connection Protocol Channel Types", | IANA, "Connection Protocol Channel Types", | |||
| <https://www.iana.org/assignments/ssh-parameters/>. | <https://www.iana.org/assignments/ssh-parameters/>. | |||
| [IANA-SSH] IANA, "Secure Shell (SSH) Protocol Parameters", | ||||
| <https://www.iana.org/assignments/ssh-parameters/>. | ||||
| [IANA-SSH-CHANTYPE] | [IANA-SSH-CHANTYPE] | |||
| IANA, "Extension Names", | IANA, "Extension Names", | |||
| <https://www.iana.org/assignments/ssh-parameters/>. | <https://www.iana.org/assignments/ssh-parameters/>. | |||
| [IANA-SSH-EXT] | [IANA-SSH-EXT] | |||
| IANA, "Connection Protocol Channel Request Names", | IANA, "Connection Protocol Channel Request Names", | |||
| <https://www.iana.org/assignments/ssh-parameters/>. | <https://www.iana.org/assignments/ssh-parameters/>. | |||
| [IANA-PUBKEYS] | [RFC4252] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH) | |||
| IANA, "Public Key Algorithm Names", | Authentication Protocol", RFC 4252, DOI 10.17487/RFC4252, | |||
| <https://www.iana.org/assignments/ssh-parameters/>. | January 2006, <https://www.rfc-editor.org/info/rfc4252>. | |||
| [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | ||||
| Writing an IANA Considerations Section in RFCs", BCP 26, | ||||
| RFC 8126, DOI 10.17487/RFC8126, June 2017, | ||||
| <https://www.rfc-editor.org/info/rfc8126>. | ||||
| Acknowledgments | Acknowledgments | |||
| This protocol was designed and first implemented by Markus Friedl, | This protocol was designed and first implemented by Markus Friedl, | |||
| based on a similar protocol for an agent to support the legacy SSH | based on a similar protocol for an agent to support the legacy SSH | |||
| version 1 by Tatu Ylonen. | version 1 by Tatu Ylonen. | |||
| Thanks to Simon Tatham, Niels Möller, James Spencer, Simon Josefsson, | Thanks to Simon Tatham, Niels Möller, James Spencer, Simon Josefsson, | |||
| Matt Johnston, Jakub Jelen, Rich Salz, Caspar Schutijser, Florian | Matt Johnston, Jakub Jelen, Rich Salz, Caspar Schutijser, Florian | |||
| Obser, Martin Thomson, Deb Cooley, and Tero Kivinen who reviewed and | Obser, Martin Thomson, Deb Cooley, and Tero Kivinen who reviewed and | |||
| End of changes. 24 change blocks. | ||||
| 88 lines changed or deleted | 123 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||