Add support for auth-agent (server) #781
|
Ok, I ended up doing it \o/ This PR relies on a requirement PR in ssh2-streams |
|
All good since mscdex/ssh2-streams#132 has landed (just rebased it) |
|
I've updated the PR with requested changes |
|
Also can you add a test for this? I understand it will (currently) require the master |
|
I've updated the PR again (with the style change - sorry for that). I'm looking into the "test" part now |
|
So, testing the agent stream requires me to spawn a "real" ssh-agent. Is that okay with you? |
|
Do we really need |
|
I've updated the PR with the ssh2-streams bump (as this is needed) so the tests can pass. I've spent some time on it, but I cannot find a way to test openssh_authAgent without running a proper agent server. If spawning an external server bothers you, I've written a pure JS ssh-agent server, but that's another story. Also, this PR is working fine under WSL (as I'm working only on this stack) |
|
I'll rebase that for 1@ |
|
Hi @mscdex, is there anything more you want on this one?
1efa86c to 40fa58f
|
Hi @mscdex, is there any other problem with this pull request? I'm implementing an SSH proxy and this feature is required to implement public key login on the destination. I also tested the changes on my local env and it's working |
@alireza-ebrahimi I just ran into the same issue writing a proxy connection manager where I couldn't facilitate agent forwarding without access to this channel. What did you end up doing? |
|
I see that in the test we are creating an ssh-agent; the only other way the test could be written is by creating a new net server listening on a socket. Account for Windows pipes vs Unix domain sockets. Pass that socket path in as your agent in your client. On the server side you would then send a signal down using the new openssh_authAgent function and verify that the net server's on-connect listener gets hit. After that I am not sure, because testing key signing would require an agent implementation to be running. |
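The net-server approach described in the comment above, as an added example that is not part of the thread or of the ssh2 code base: a keyless stand-in agent that listens on a Unix domain socket or Windows named pipe, records connections, and answers the ssh-agent identity-list request with zero keys. The names `agentSocketPath`, `frame`, `agentReply`, `startFakeAgent` and the `MAX_FRAME` value are hypothetical; the ssh2 side (passing the path as the client's agent and calling openssh_authAgent) is not shown.

```javascript
// Added example: stand-in agent endpoint for tests (not ssh2 project code).
// ssh-agent wire format: uint32 length, 1-byte message type, payload.
const SSH_AGENT_FAILURE = 5;
const SSH_AGENTC_REQUEST_IDENTITIES = 11;
const SSH_AGENT_IDENTITIES_ANSWER = 12;
const MAX_FRAME = 256 * 1024; // constructed cap so a peer cannot grow the buffer

// Windows uses named pipes where other platforms use Unix domain sockets.
function agentSocketPath(name, platform = process.platform, tmp = '/tmp') {
  return platform === 'win32' ? `\\\\.\\pipe\\${name}` : `${tmp}/${name}.sock`;
}

function frame(type, payload = Buffer.alloc(0)) {
  const head = Buffer.alloc(5);
  head.writeUInt32BE(payload.length + 1, 0);
  head.writeUInt8(type, 4);
  return Buffer.concat([head, payload]);
}

// Holds no keys: lists zero identities, refuses everything else (e.g. signing).
function agentReply(type) {
  return type === SSH_AGENTC_REQUEST_IDENTITIES
    ? frame(SSH_AGENT_IDENTITIES_ANSWER, Buffer.alloc(4)) // uint32 nkeys = 0
    : frame(SSH_AGENT_FAILURE);
}

// Resolves to { server, seen }; seen.connections shows the listener was hit.
async function startFakeAgent(sockPath) {
  const net = await import('node:net'); // dynamic import works in CJS and ESM
  const seen = { connections: 0, requests: [] };
  const server = net.createServer((sock) => {
    seen.connections++;
    let buf = Buffer.alloc(0);
    sock.on('error', () => {}); // a client reset should not crash the test
    sock.on('data', (chunk) => {
      buf = Buffer.concat([buf, chunk]);
      // Frames may arrive split or coalesced, so consume by declared length.
      while (buf.length >= 4) {
        const len = buf.readUInt32BE(0);
        if (len === 0 || len > MAX_FRAME) return sock.destroy();
        if (buf.length < 4 + len) break;
        seen.requests.push(buf.readUInt8(4));
        sock.write(agentReply(buf.readUInt8(4)));
        buf = buf.subarray(4 + len);
      }
    });
  });
  await new Promise((ok, fail) => server.once('error', fail).listen(sockPath, ok));
  return { server, seen };
}
```

Because the stub answers every signing request with a failure, it can only confirm that the forwarded channel reaches the agent socket, which matches the limit the comment notes for testing key signing.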
|
I adjusted the test in #1468, it may still need more work but I believe this is the right direction for testing this change. |
The `auth-agent@openssh.com` channel is not implemented on the server side. The server needs to acknowledge the request by opening a channel (see the OpenSSH source code).
Again, this is an amazing project and I'm very excited to be able to help, even if it's just a little.