5.2. Adding Keys to the Agent
Questa pagina riassume la sezione corrispondente di RFC 9987 e conserva numeri, nomi dei messaggi e requisiti di sicurezza del protocollo agent SSH.
Keys may be added with SSH_AGENTC_ADD_IDENTITY or SSH_AGENTC_ADD_ID_CONSTRAINED. The constrained variant adds a constraint[] constraints field.
The document defines formats for DSA (ssh-dss), ECDSA (ecdsa-sha2-*), EdDSA (ssh-ed25519, ssh-ed448), RSA (ssh-rsa), other vendor-specific key types, and keys from smart cards or hardware tokens.
For token-hosted keys, SSH_AGENTC_ADD_SMARTCARD_KEY and SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED carry token id, PIN, and optional constraints. An agent MUST return SSH_AGENT_SUCCESS if one or more keys were loaded and SSH_AGENT_FAILURE if no keys were found, the token was not recognized, policy refused the request, or token-hosted keys are unsupported.