5.2. Adding Keys to the Agent
Cette page resume la section correspondante du RFC 9987 et conserve les numeros, noms de messages et exigences de securite du protocole agent SSH.
Keys may be added with SSH_AGENTC_ADD_IDENTITY or SSH_AGENTC_ADD_ID_CONSTRAINED. The constrained variant adds a constraint[] constraints field.
The document defines formats for DSA (ssh-dss), ECDSA (ecdsa-sha2-*), EdDSA (ssh-ed25519, ssh-ed448), RSA (ssh-rsa), other vendor-specific key types, and keys from smart cards or hardware tokens.
For token-hosted keys, SSH_AGENTC_ADD_SMARTCARD_KEY and SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED carry token id, PIN, and optional constraints. An agent MUST return SSH_AGENT_SUCCESS if one or more keys were loaded and SSH_AGENT_FAILURE if no keys were found, the token was not recognized, policy refused the request, or token-hosted keys are unsupported.