Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: Unmarshal for SSH_AGENTC_EXTENSION #51689

lpcalisi opened this issue Mar 15, 2022 · 3 comments

x/crypto/ssh: Unmarshal for SSH_AGENTC_EXTENSION #51689

lpcalisi opened this issue Mar 15, 2022 · 3 comments


Copy link

@lpcalisi lpcalisi commented Mar 15, 2022

OpenSSH 8.9 will include the ability to control how and where keys in ssh-agent may be used, both locally and when forwarded (subject to some limitations).

This new feature implements a new agent extension an it doesn't compatible with Golang SSH Agent library. This kind of messages could not be parsed by Unmarshall method.

The message format is:

byte            SSH_AGENTC_EXTENSION (0x1b)
string          hostkey
string          session identifier
string          signature
bool            is_forwarding

The error is ssh: parse error in message type 27, when 27 is the SSH_AGENTC_EXTENSION message type (referenced in SSH Agent Protocol)

@gopherbot gopherbot added this to the Unreleased milestone Mar 15, 2022
@lpcalisi lpcalisi reopened this Mar 15, 2022
@seankhliao seankhliao changed the title x/crypto: SSH Agent - OpenSSH 8.9 - SSH Agent Restriction x/crypto/ssh: Unmarshal for SSH_AGENTC_EXTENSION Mar 15, 2022
@seankhliao seankhliao added the NeedsInvestigation label Mar 15, 2022
Copy link

@seankhliao seankhliao commented Mar 15, 2022

cc @FiloSottile

Copy link

@lpcalisi lpcalisi commented May 5, 2022

hi team! any news about it? thanks you! @seankhliao @FiloSottile

Copy link

@gopherbot gopherbot commented Jun 14, 2022

Change mentions this issue: ssh/agent: fix extensionAgentMsg

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

3 participants