summaryrefslogtreecommitdiff
path: root/ssh-add.0
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2012-09-06 19:11:34 +0100
committerColin Watson <cjwatson@debian.org>2012-09-06 19:11:34 +0100
commit8b13b5bdc4f19bd52ee673104d66b71c21153b96 (patch)
tree833867a296a373e08233b2e1f549d4bcff79dda6 /ssh-add.0
parent4eb0a532efe679917e07655721145c6882bdb4c7 (diff)
parentb9bc38990c5eb5d99e28ca5af6d3491fd4a0060a (diff)
Import 6.1p1 tarball
Diffstat (limited to 'ssh-add.0')
-rw-r--r--ssh-add.0118
1 files changed, 118 insertions, 0 deletions
diff --git a/ssh-add.0 b/ssh-add.0
new file mode 100644
index 000000000..2ed59c10e
--- /dev/null
+++ b/ssh-add.0
@@ -0,0 +1,118 @@
1SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1)
2
3NAME
4 ssh-add - adds private key identities to the authentication agent
5
6SYNOPSIS
7 ssh-add [-cDdkLlXx] [-t life] [file ...]
8 ssh-add -s pkcs11
9 ssh-add -e pkcs11
10
11DESCRIPTION
12 ssh-add adds private key identities to the authentication agent,
13 ssh-agent(1). When run without arguments, it adds the files
14 ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and ~/.ssh/identity. After
15 loading a private key, ssh-add will try to load corresponding certificate
16 information from the filename obtained by appending -cert.pub to the name
17 of the private key file. Alternative file names can be given on the
18 command line.
19
20 If any file requires a passphrase, ssh-add asks for the passphrase from
21 the user. The passphrase is read from the user's tty. ssh-add retries
22 the last passphrase if multiple identity files are given.
23
24 The authentication agent must be running and the SSH_AUTH_SOCK
25 environment variable must contain the name of its socket for ssh-add to
26 work.
27
28 The options are as follows:
29
30 -c Indicates that added identities should be subject to confirmation
31 before being used for authentication. Confirmation is performed
32 by the SSH_ASKPASS program mentioned below. Successful
33 confirmation is signaled by a zero exit status from the
34 SSH_ASKPASS program, rather than text entered into the requester.
35
36 -D Deletes all identities from the agent.
37
38 -d Instead of adding identities, removes identities from the agent.
39 If ssh-add has been run without arguments, the keys for the
40 default identities will be removed. Otherwise, the argument list
41 will be interpreted as a list of paths to public key files and
42 matching keys will be removed from the agent. If no public key
43 is found at a given path, ssh-add will append .pub and retry.
44
45 -e pkcs11
46 Remove keys provided by the PKCS#11 shared library pkcs11.
47
48 -k When loading keys into the agent, load plain private keys only
49 and skip certificates.
50
51 -L Lists public key parameters of all identities currently
52 represented by the agent.
53
54 -l Lists fingerprints of all identities currently represented by the
55 agent.
56
57 -s pkcs11
58 Add keys provided by the PKCS#11 shared library pkcs11.
59
60 -t life
61 Set a maximum lifetime when adding identities to an agent. The
62 lifetime may be specified in seconds or in a time format
63 specified in sshd_config(5).
64
65 -X Unlock the agent.
66
67 -x Lock the agent with a password.
68
69ENVIRONMENT
70 DISPLAY and SSH_ASKPASS
71 If ssh-add needs a passphrase, it will read the passphrase from
72 the current terminal if it was run from a terminal. If ssh-add
73 does not have a terminal associated with it but DISPLAY and
74 SSH_ASKPASS are set, it will execute the program specified by
75 SSH_ASKPASS and open an X11 window to read the passphrase. This
76 is particularly useful when calling ssh-add from a .xsession or
77 related script. (Note that on some machines it may be necessary
78 to redirect the input from /dev/null to make this work.)
79
80 SSH_AUTH_SOCK
81 Identifies the path of a UNIX-domain socket used to communicate
82 with the agent.
83
84FILES
85 ~/.ssh/identity
86 Contains the protocol version 1 RSA authentication identity of
87 the user.
88
89 ~/.ssh/id_dsa
90 Contains the protocol version 2 DSA authentication identity of
91 the user.
92
93 ~/.ssh/id_ecdsa
94 Contains the protocol version 2 ECDSA authentication identity of
95 the user.
96
97 ~/.ssh/id_rsa
98 Contains the protocol version 2 RSA authentication identity of
99 the user.
100
101 Identity files should not be readable by anyone but the user. Note that
102 ssh-add ignores identity files if they are accessible by others.
103
104EXIT STATUS
105 Exit status is 0 on success, 1 if the specified command fails, and 2 if
106 ssh-add is unable to contact the authentication agent.
107
108SEE ALSO
109 ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)
110
111AUTHORS
112 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
113 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
114 de Raadt and Dug Song removed many bugs, re-added newer features and
115 created OpenSSH. Markus Friedl contributed the support for SSH protocol
116 versions 1.5 and 2.0.
117
118OpenBSD 5.2 October 18, 2011 OpenBSD 5.2