summaryrefslogtreecommitdiff
path: root/ssh-add.0
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2010-04-16 09:56:03 +0100
committerColin Watson <cjwatson@debian.org>2010-04-16 09:56:03 +0100
commitff0095389ba9a9e4599e6051c8d5bae6777c4d64 (patch)
treef480bef24195963842fbc6a2f237c4907cfad72e /ssh-add.0
parent627337d95bee7dd8d4690238a35fffd35072d1fa (diff)
parent004a7fb9c6a00b13dc98f56599918a54a3506d10 (diff)
Import 5.5p1 tarball
Diffstat (limited to 'ssh-add.0')
-rw-r--r--ssh-add.0109
1 files changed, 109 insertions, 0 deletions
diff --git a/ssh-add.0 b/ssh-add.0
new file mode 100644
index 000000000..0d49c5ea3
--- /dev/null
+++ b/ssh-add.0
@@ -0,0 +1,109 @@
1SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1)
2
3NAME
4 ssh-add - adds RSA or DSA identities to the authentication agent
5
6SYNOPSIS
7 ssh-add [-cDdLlXx] [-t life] [file ...]
8 ssh-add -s pkcs11
9 ssh-add -e pkcs11
10
11DESCRIPTION
12 ssh-add adds RSA or DSA identities to the authentication agent,
13 ssh-agent(1). When run without arguments, it adds the files
14 ~/.ssh/id_rsa, ~/.ssh/id_dsa and ~/.ssh/identity. After loading a pri-
15 vate key, ssh-add will try to load corresponding certificate information
16 from the filename obtained by appending -cert.pub to the name of the pri-
17 vate key file. Alternative file names can be given on the command line.
18
19 If any file requires a passphrase, ssh-add asks for the passphrase from
20 the user. The passphrase is read from the user's tty. ssh-add retries
21 the last passphrase if multiple identity files are given.
22
23 The authentication agent must be running and the SSH_AUTH_SOCK environ-
24 ment variable must contain the name of its socket for ssh-add to work.
25
26 The options are as follows:
27
28 -c Indicates that added identities should be subject to confirmation
29 before being used for authentication. Confirmation is performed
30 by the SSH_ASKPASS program mentioned below. Successful confirma-
31 tion is signaled by a zero exit status from the SSH_ASKPASS pro-
32 gram, rather than text entered into the requester.
33
34 -D Deletes all identities from the agent.
35
36 -d Instead of adding identities, removes identities from the agent.
37 If ssh-add has been run without arguments, the keys for the de-
38 fault identities will be removed. Otherwise, the argument list
39 will be interpreted as a list of paths to public key files and
40 matching keys will be removed from the agent. If no public key
41 is found at a given path, ssh-add will append .pub and retry.
42
43 -e pkcs11
44 Remove keys provided by the PKCS#11 shared library pkcs11.
45
46 -L Lists public key parameters of all identities currently repre-
47 sented by the agent.
48
49 -l Lists fingerprints of all identities currently represented by the
50 agent.
51
52 -s pkcs11
53 Add keys provided by the PKCS#11 shared library pkcs11.
54
55 -t life
56 Set a maximum lifetime when adding identities to an agent. The
57 lifetime may be specified in seconds or in a time format speci-
58 fied in sshd_config(5).
59
60 -X Unlock the agent.
61
62 -x Lock the agent with a password.
63
64ENVIRONMENT
65 DISPLAY and SSH_ASKPASS
66 If ssh-add needs a passphrase, it will read the passphrase from
67 the current terminal if it was run from a terminal. If ssh-add
68 does not have a terminal associated with it but DISPLAY and
69 SSH_ASKPASS are set, it will execute the program specified by
70 SSH_ASKPASS and open an X11 window to read the passphrase. This
71 is particularly useful when calling ssh-add from a .xsession or
72 related script. (Note that on some machines it may be necessary
73 to redirect the input from /dev/null to make this work.)
74
75 SSH_AUTH_SOCK
76 Identifies the path of a UNIX-domain socket used to communicate
77 with the agent.
78
79FILES
80 ~/.ssh/identity
81 Contains the protocol version 1 RSA authentication identity of
82 the user.
83
84 ~/.ssh/id_dsa
85 Contains the protocol version 2 DSA authentication identity of
86 the user.
87
88 ~/.ssh/id_rsa
89 Contains the protocol version 2 RSA authentication identity of
90 the user.
91
92 Identity files should not be readable by anyone but the user. Note that
93 ssh-add ignores identity files if they are accessible by others.
94
95DIAGNOSTICS
96 Exit status is 0 on success, 1 if the specified command fails, and 2 if
97 ssh-add is unable to contact the authentication agent.
98
99SEE ALSO
100 ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)
101
102AUTHORS
103 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
104 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
105 de Raadt and Dug Song removed many bugs, re-added newer features and cre-
106 ated OpenSSH. Markus Friedl contributed the support for SSH protocol
107 versions 1.5 and 2.0.
108
109OpenBSD 4.7 March 5, 2010 2