class Net::SSH::Authentication::Agent

This class implements a simple client for the ssh-agent protocol. It does not implement any specific protocol, but instead copies the behavior of the ssh-agent functions in the OpenSSH library (3.8).

This means that although it behaves like a SSH1 client, it also has some SSH2 functionality (like signing data).

Constants

SSH2_AGENT_FAILURE
SSH2_AGENT_IDENTITIES_ANSWER
SSH2_AGENT_REQUEST_IDENTITIES
SSH2_AGENT_REQUEST_VERSION
SSH2_AGENT_SIGN_REQUEST
SSH2_AGENT_SIGN_RESPONSE
SSH2_AGENT_VERSION_RESPONSE
SSH_AGENT_FAILURE
SSH_AGENT_REQUEST_RSA_IDENTITIES
SSH_AGENT_RSA_IDENTITIES_ANSWER1
SSH_AGENT_RSA_IDENTITIES_ANSWER2
SSH_COM_AGENT2_FAILURE

Attributes

socket[R]

The underlying socket being used to communicate with the SSH agent.

Public Class Methods

connect(logger=nil) click to toggle source

Instantiates a new agent object, connects to a running SSH agent, negotiates the agent protocol version, and returns the agent object.

# File lib/net/ssh/authentication/agent/socket.rb, line 45
def self.connect(logger=nil)
  agent = new(logger)
  agent.connect!
  agent.negotiate!
  agent
end
new(logger=nil) click to toggle source

Creates a new Agent object, using the optional logger instance to report status.

# File lib/net/ssh/authentication/agent/socket.rb, line 54
def initialize(logger=nil)
  self.logger = logger
end

Public Instance Methods

close() click to toggle source

Closes this socket. This agent reference is no longer able to query the agent.

# File lib/net/ssh/authentication/agent/socket.rb, line 106
def close
  @socket.close
end
connect!() click to toggle source

Connect to the agent process using the socket factory and socket name given by the attribute writers. If the agent on the other end of the socket reports that it is an SSH2-compatible agent, this will fail (it only supports the ssh-agent distributed by OpenSSH).

# File lib/net/ssh/authentication/agent/socket.rb, line 62
def connect!
  begin
    debug { "connecting to ssh-agent" }
    @socket = agent_socket_factory.open(ENV['SSH_AUTH_SOCK'])
  rescue
    error { "could not connect to ssh-agent" }
    raise AgentNotAvailable, $!.message
  end
end
identities() click to toggle source

Return an array of all identities (public keys) known to the agent. Each key returned is augmented with a comment property which is set to the comment returned by the agent for that key.

# File lib/net/ssh/authentication/agent/socket.rb, line 88
def identities
  type, body = send_and_wait(SSH2_AGENT_REQUEST_IDENTITIES)
  raise AgentError, "could not get identity count" if agent_failed(type)
  raise AgentError, "bad authentication reply: #{type}" if type != SSH2_AGENT_IDENTITIES_ANSWER

  identities = []
  body.read_long.times do
    key = Buffer.new(body.read_string).read_key
    key.extend(Comment)
    key.comment = body.read_string
    identities.push key
  end

  return identities
end
negotiate!() click to toggle source

Attempts to negotiate the SSH agent protocol version. Raises an error if the version could not be negotiated successfully.

# File lib/net/ssh/authentication/agent/socket.rb, line 74
def negotiate!
  # determine what type of agent we're communicating with
  type, body = send_and_wait(SSH2_AGENT_REQUEST_VERSION, :string, Transport::ServerVersion::PROTO_VERSION)

  if type == SSH2_AGENT_VERSION_RESPONSE
    raise NotImplementedError, "SSH2 agents are not yet supported"
  elsif type != SSH_AGENT_RSA_IDENTITIES_ANSWER1 && type != SSH_AGENT_RSA_IDENTITIES_ANSWER2
    raise AgentError, "unknown response from agent: #{type}, #{body.to_s.inspect}"
  end
end
sign(key, data) click to toggle source

Using the agent and the given public key, sign the given data. The signature is returned in SSH2 format.

# File lib/net/ssh/authentication/agent/socket.rb, line 112
def sign(key, data)
  type, reply = send_and_wait(SSH2_AGENT_SIGN_REQUEST, :string, Buffer.from(:key, key), :string, data, :long, 0)

  if agent_failed(type)
    raise AgentError, "agent could not sign data with requested identity"
  elsif type != SSH2_AGENT_SIGN_RESPONSE
    raise AgentError, "bad authentication response #{type}"
  end

  return reply.read_string
end