summaryrefslogtreecommitdiff
path: root/ssh-add.0
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-09-06 09:26:44 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 09:26:44 +0100
commite90790abaf031e037f444a6658e136e48577ea49 (patch)
tree79b50c1b36fa2592f8bd1e524751601de908de8d /ssh-add.0
parente21c9c2094733fc4778688766cf8ea3c9b473aca (diff)
parentafde81fe5d3d6d3e9721ec56981e0214ea850bc6 (diff)
Import 5.9p1 tarball
Diffstat (limited to 'ssh-add.0')
-rw-r--r--ssh-add.0115
1 files changed, 115 insertions, 0 deletions
diff --git a/ssh-add.0 b/ssh-add.0
new file mode 100644
index 000000000..e1e2a6417
--- /dev/null
+++ b/ssh-add.0
@@ -0,0 +1,115 @@
1SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1)
2
3NAME
4 ssh-add - adds private key identities to the authentication agent
5
6SYNOPSIS
7 ssh-add [-cDdLlXx] [-t life] [file ...]
8 ssh-add -s pkcs11
9 ssh-add -e pkcs11
10
11DESCRIPTION
12 ssh-add adds private key identities to the authentication agent,
13 ssh-agent(1). When run without arguments, it adds the files
14 ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and ~/.ssh/identity. After
15 loading a private key, ssh-add will try to load corresponding certificate
16 information from the filename obtained by appending -cert.pub to the name
17 of the private key file. Alternative file names can be given on the
18 command line.
19
20 If any file requires a passphrase, ssh-add asks for the passphrase from
21 the user. The passphrase is read from the user's tty. ssh-add retries
22 the last passphrase if multiple identity files are given.
23
24 The authentication agent must be running and the SSH_AUTH_SOCK
25 environment variable must contain the name of its socket for ssh-add to
26 work.
27
28 The options are as follows:
29
30 -c Indicates that added identities should be subject to confirmation
31 before being used for authentication. Confirmation is performed
32 by the SSH_ASKPASS program mentioned below. Successful
33 confirmation is signaled by a zero exit status from the
34 SSH_ASKPASS program, rather than text entered into the requester.
35
36 -D Deletes all identities from the agent.
37
38 -d Instead of adding identities, removes identities from the agent.
39 If ssh-add has been run without arguments, the keys for the
40 default identities will be removed. Otherwise, the argument list
41 will be interpreted as a list of paths to public key files and
42 matching keys will be removed from the agent. If no public key
43 is found at a given path, ssh-add will append .pub and retry.
44
45 -e pkcs11
46 Remove keys provided by the PKCS#11 shared library pkcs11.
47
48 -L Lists public key parameters of all identities currently
49 represented by the agent.
50
51 -l Lists fingerprints of all identities currently represented by the
52 agent.
53
54 -s pkcs11
55 Add keys provided by the PKCS#11 shared library pkcs11.
56
57 -t life
58 Set a maximum lifetime when adding identities to an agent. The
59 lifetime may be specified in seconds or in a time format
60 specified in sshd_config(5).
61
62 -X Unlock the agent.
63
64 -x Lock the agent with a password.
65
66ENVIRONMENT
67 DISPLAY and SSH_ASKPASS
68 If ssh-add needs a passphrase, it will read the passphrase from
69 the current terminal if it was run from a terminal. If ssh-add
70 does not have a terminal associated with it but DISPLAY and
71 SSH_ASKPASS are set, it will execute the program specified by
72 SSH_ASKPASS and open an X11 window to read the passphrase. This
73 is particularly useful when calling ssh-add from a .xsession or
74 related script. (Note that on some machines it may be necessary
75 to redirect the input from /dev/null to make this work.)
76
77 SSH_AUTH_SOCK
78 Identifies the path of a UNIX-domain socket used to communicate
79 with the agent.
80
81FILES
82 ~/.ssh/identity
83 Contains the protocol version 1 RSA authentication identity of
84 the user.
85
86 ~/.ssh/id_dsa
87 Contains the protocol version 2 DSA authentication identity of
88 the user.
89
90 ~/.ssh/id_ecdsa
91 Contains the protocol version 2 ECDSA authentication identity of
92 the user.
93
94 ~/.ssh/id_rsa
95 Contains the protocol version 2 RSA authentication identity of
96 the user.
97
98 Identity files should not be readable by anyone but the user. Note that
99 ssh-add ignores identity files if they are accessible by others.
100
101EXIT STATUS
102 Exit status is 0 on success, 1 if the specified command fails, and 2 if
103 ssh-add is unable to contact the authentication agent.
104
105SEE ALSO
106 ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)
107
108AUTHORS
109 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
110 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
111 de Raadt and Dug Song removed many bugs, re-added newer features and
112 created OpenSSH. Markus Friedl contributed the support for SSH protocol
113 versions 1.5 and 2.0.
114
115OpenBSD 5.0 October 28, 2010 OpenBSD 5.0