An ssh-agent protocol implementation in OCaml.
This library offers angstrom/faraday parsers/serializers for the ssh agent protocol as well as some helper functions for implementing an ssh-agent.
In the cmd/ directory you find two simple example applications:
ssh_add: this application connects to $SSH_AUTH_SOCK, generates a private key (rsa or ed25519 are supported), adds it to the ssh-agent and exits. Note that it doesn't save the public key anywhere or remove it from the agent, and is only good for polluting your ssh-agent with random keys. You may want to write the public key to a file and then remove it from the agent using ssh-add -d path-to-key.pub.
ssh_agent_server: this application listens on a socket ocaml-ssh-agent.sock in CWD, and implements a very basic ssh-agent. It supports adding keys, removing keys and signing using rsa or ed25519 keys. It does not support concurrent connections and is not suitable for Production Use™.
These applications are not built by default. To build or run them using dune you must do so manually:
$ dune build cmd/ssh_add.exe cmd/ssh_agent_server.exe # to build
$ dune exec -- cmd/ssh_add.exe --help # to run ssh_add
$ dune exec -- cmd/ssh_agent_server.exe # to run ssh_agent_server
For the Qubes OS unikernel using this library see qubes-mirage-ssh-agent.
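The wire format that the parsers and serializers mentioned above deal with, shown as an added example that is not part of this project and does not use its API: a standard-library-only decoder for agent frames (uint32 length, one type byte, payload) with the bounds checks needed on untrusted input. The size cap, the function names and the sample frames are assumptions made for the illustration.

```ocaml
(* Added example: stdlib only (OCaml >= 4.13, 64-bit int), not this library's API. *)
let ( let* ) = Result.bind
let max_len = 256 * 1024 (* frame size cap chosen for this example *)
(* Message numbers from the ssh-agent protocol specification. *)
let describe = function
  | 5 -> "SSH_AGENT_FAILURE" | 6 -> "SSH_AGENT_SUCCESS"
  | 11 -> "SSH_AGENTC_REQUEST_IDENTITIES" | 12 -> "SSH_AGENT_IDENTITIES_ANSWER"
  | 13 -> "SSH_AGENTC_SIGN_REQUEST" | 14 -> "SSH_AGENT_SIGN_RESPONSE"
  | 17 -> "SSH_AGENTC_ADD_IDENTITY" | 18 -> "SSH_AGENTC_REMOVE_IDENTITY"
  | n -> Printf.sprintf "unknown(%d)" n
(* Big-endian uint32 at [off], returned with the offset that follows it. *)
let u32 buf off =
  if off + 4 > String.length buf then Error "truncated uint32"
  else Ok (Int32.to_int (String.get_int32_be buf off) land 0xFFFF_FFFF, off + 4)
(* SSH "string": a uint32 length, then that many bytes. *)
let ssh_string buf off =
  let* (len, off) = u32 buf off in
  if len > String.length buf - off then Error "string overruns message"
  else Ok (String.sub buf off len, off + len)
(* One frame: uint32 length, one type byte, then the payload. *)
let frame buf =
  let* (len, off) = u32 buf 0 in
  if len = 0 || len > max_len then Error "bad frame length"
  else if len > String.length buf - off then Error "incomplete frame"
  else Ok (Char.code buf.[off], String.sub buf (off + 1) (len - 1))
(* Payload of SSH_AGENT_IDENTITIES_ANSWER as (key blob, comment) pairs. *)
let identities payload =
  let rec go n off acc =
    if n = 0 && off = String.length payload then Ok (List.rev acc)
    else if n = 0 then Error "trailing bytes"
    else
      let* (blob, off) = ssh_string payload off in
      let* (comment, off) = ssh_string payload off in
      go (n - 1) off ((blob, comment) :: acc) in
  let* (n, off) = u32 payload 0 in
  go n off []

let () =
  (* Constructed frames: request, truncated frame, answer with one identity. *)
  [ "\x00\x00\x00\x01\x0b"; "\x00\x00\x00\x09\x0c";
    "\x00\x00\x00\x15\x0c\x00\x00\x00\x01\x00\x00\x00\x04BLOB\x00\x00\x00\x04demo" ]
  |> List.iter (fun buf ->
    match frame buf with
    | Error e -> Printf.printf "rejected: %s\n" e
    | Ok (ty, payload) ->
      Printf.printf "%s, %d payload bytes\n" (describe ty) (String.length payload);
      if ty = 12 then
        match identities payload with
        | Ok ids -> List.iter (fun (_, c) -> Printf.printf "  identity %S\n" c) ids
        | Error e -> Printf.printf "  malformed: %s\n" e)
```

Every length field is checked against the bytes actually present before anything is sliced, so a frame or string that claims more data than it carries is rejected instead of raising.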