author | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:42:19 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2003-09-01 18:42:19 +0000 |
commit | 8d6b7f4c46de3feb66f704ab483e51ea1a3bb0e1 (patch) | |
tree | 41fe3dd71501bbec5b0393f1536c925eaee180e9 /ssh-agent.0 | |
parent | f045c69060bfdd5cf8759a5f29d7008d02e4de5b (diff) | |
parent | 58bfa257481a1c6938ada9bbd38801cc45633fb0 (diff) |
Debian release 3.6p1-1.
Diffstat (limited to 'ssh-agent.0')
-rw-r--r-- | ssh-agent.0 | 85 |
1 files changed, 46 insertions, 39 deletions
diff --git a/ssh-agent.0 b/ssh-agent.0 index 9a1b85645..aa7aebf03 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 | |||
@@ -1,56 +1,63 @@ | |||
1 | SSH-AGENT(1) System General Commands Manual SSH-AGENT(1) | 1 | SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM-bM-^@M-^PAGENT(1) |
2 | 2 | ||
3 | NAME | 3 | ^[[1mNAME^[[0m |
4 | ssh-agent - authentication agent | 4 | ^[[1msshM-bM-^@M-^Pagent ^[[22mM-bMM-^R authentication agent |
5 | 5 | ||
6 | SYNOPSIS | 6 | ^[[1mSYNOPSIS^[[0m |
7 | ssh-agent [-a bind_address] [-c | -s] [-d] [command [args ...]] | 7 | ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[24m] [^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] [^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[24m] [^[[1mM-bMM-^Rd^[[22m] [^[[4mcommand^[[24m [^[[4margs^[[24m ^[[4m...^[[24m]] |
8 | ssh-agent [-c | -s] -k | 8 | ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] ^[[1mM-bMM-^Rk^[[0m |
9 | 9 | ||
10 | DESCRIPTION | 10 | ^[[1mDESCRIPTION^[[0m |
11 | ssh-agent is a program to hold private keys used for public key authentiM-- | 11 | ^[[1msshM-bM-^@M-^Pagent ^[[22mis a program to hold private keys used for public key authentiM-bM-^@M-^P |
12 | cation (RSA, DSA). The idea is that ssh-agent is started in the beginM-- | 12 | cation (RSA, DSA). The idea is that ^[[1msshM-bM-^@M-^Pagent ^[[22mis started in the beginM-bM-^@M-^P |
13 | ning of an X-session or a login session, and all other windows or proM-- | 13 | ning of an XM-bM-^@M-^Psession or a login session, and all other windows or proM-bM-^@M-^P |
14 | grams are started as clients to the ssh-agent program. Through use of | 14 | grams are started as clients to the sshM-bM-^@M-^Pagent program. Through use of |
15 | environment variables the agent can be located and automatically used for | 15 | environment variables the agent can be located and automatically used for |
16 | authentication when logging in to other machines using ssh(1). | 16 | authentication when logging in to other machines using ssh(1). |
17 | 17 | ||
18 | The options are as follows: | 18 | The options are as follows: |
19 | 19 | ||
20 | -a bind_address | 20 | ^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[0m |
21 | Bind the agent to the unix-domain socket bind_address. The | 21 | Bind the agent to the unixM-bM-^@M-^Pdomain socket ^[[4mbind_address^[[24m. The |
22 | default is /tmp/ssh-XXXXXXXX/agent.<ppid>. | 22 | default is ^[[4m/tmp/sshM-bM-^@M-^PXXXXXXXX/agent.<ppid>^[[24m. |
23 | 23 | ||
24 | -c Generate C-shell commands on stdout. This is the default if | 24 | ^[[1mM-bMM-^Rc ^[[22mGenerate CM-bM-^@M-^Pshell commands on stdout. This is the default if |
25 | SHELL looks like it's a csh style of shell. | 25 | SHELL looks like itM-bM-^@M-^Ys a csh style of shell. |
26 | 26 | ||
27 | -s Generate Bourne shell commands on stdout. This is the default if | 27 | ^[[1mM-bMM-^Rs ^[[22mGenerate Bourne shell commands on stdout. This is the default if |
28 | SHELL does not look like it's a csh style of shell. | 28 | SHELL does not look like itM-bM-^@M-^Ys a csh style of shell. |
29 | 29 | ||
30 | -k Kill the current agent (given by the SSH_AGENT_PID environment | 30 | ^[[1mM-bMM-^Rk ^[[22mKill the current agent (given by the SSH_AGENT_PID environment |
31 | variable). | 31 | variable). |
32 | 32 | ||
33 | -d Debug mode. When this option is specified ssh-agent will not | 33 | ^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[0m |
34 | Set a default value for the maximum lifetime of identities added | ||
35 | to the agent. The lifetime may be specified in seconds or in a | ||
36 | time format specified in sshd(8). A lifetime specified for an | ||
37 | identity with sshM-bM-^@M-^Padd(1) overrides this value. Without this | ||
38 | option the default maximum lifetime is forever. | ||
39 | |||
40 | ^[[1mM-bMM-^Rd ^[[22mDebug mode. When this option is specified ^[[1msshM-bM-^@M-^Pagent ^[[22mwill not | ||
34 | fork. | 41 | fork. |
35 | 42 | ||
36 | If a commandline is given, this is executed as a subprocess of the agent. | 43 | If a commandline is given, this is executed as a subprocess of the agent. |
37 | When the command dies, so does the agent. | 44 | When the command dies, so does the agent. |
38 | 45 | ||
39 | The agent initially does not have any private keys. Keys are added using | 46 | The agent initially does not have any private keys. Keys are added using |
40 | ssh-add(1). When executed without arguments, ssh-add(1) adds the files | 47 | sshM-bM-^@M-^Padd(1). When executed without arguments, sshM-bM-^@M-^Padd(1) adds the files |
41 | $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. If the | 48 | ^[[4m$HOME/.ssh/id_rsa^[[24m, ^[[4m$HOME/.ssh/id_dsa^[[24m and ^[[4m$HOME/.ssh/identity^[[24m. If the |
42 | identity has a passphrase, ssh-add(1) asks for the passphrase (using a | 49 | identity has a passphrase, sshM-bM-^@M-^Padd(1) asks for the passphrase (using a |
43 | small X11 application if running under X11, or from the terminal if runM-- | 50 | small X11 application if running under X11, or from the terminal if runM-bM-^@M-^P |
44 | ning without X). It then sends the identity to the agent. Several idenM-- | 51 | ning without X). It then sends the identity to the agent. Several idenM-bM-^@M-^P |
45 | tities can be stored in the agent; the agent can automatically use any of | 52 | tities can be stored in the agent; the agent can automatically use any of |
46 | these identities. ssh-add -l displays the identities currently held by | 53 | these identities. ^[[1msshM-bM-^@M-^Padd M-bM-^@M-^Pl ^[[22mdisplays the identities currently held by |
47 | the agent. | 54 | the agent. |
48 | 55 | ||
49 | The idea is that the agent is run in the user's local PC, laptop, or terM-- | 56 | The idea is that the agent is run in the userM-bM-^@M-^Ys local PC, laptop, or terM-bM-^@M-^P |
50 | minal. Authentication data need not be stored on any other machine, and | 57 | minal. Authentication data need not be stored on any other machine, and |
51 | authentication passphrases never go over the network. However, the conM-- | 58 | authentication passphrases never go over the network. However, the conM-bM-^@M-^P |
52 | nection to the agent is forwarded over SSH remote logins, and the user | 59 | nection to the agent is forwarded over SSH remote logins, and the user |
53 | can thus use the privileges given by the identities anywhere in the netM-- | 60 | can thus use the privileges given by the identities anywhere in the netM-bM-^@M-^P |
54 | work in a secure way. | 61 | work in a secure way. |
55 | 62 | ||
56 | There are two main ways to get an agent setup: Either the agent starts a | 63 | There are two main ways to get an agent setup: Either the agent starts a |
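Review bot: The new side of this hunk (new lines 1-63) embeds raw terminal escape sequences ("^[[1m", "^[[22m", "^[[4m") and multi-byte sequences where the old side had ASCII hyphens, so "ssh-agent" is now "sshM-bM-^@M-^Pagent" and the new option appears as "M-bMM-^Rt" rather than "-t". A preformatted page should stay readable and searchable as plain text; please regenerate ssh-agent.0 with an ASCII output device (for example nroff -Tascii piped through col -b) so that the only real change left in this hunk is the added -t life paragraph and synopsis entry. Also note that on new line 53 the "-l" in "ssh-add -l" is rendered with the same sequence as the hyphen in "ssh-agent", not the one used for -a, -c, -s, -k, -t and -d, which suggests that option is marked up differently in the man source and is worth checking there.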
@@ -62,20 +69,20 @@ DESCRIPTION | |||
62 | 69 | ||
63 | The agent will never send a private key over its request channel. | 70 | The agent will never send a private key over its request channel. |
64 | Instead, operations that require a private key will be performed by the | 71 | Instead, operations that require a private key will be performed by the |
65 | agent, and the result will be returned to the requester. This way, priM-- | 72 | agent, and the result will be returned to the requester. This way, priM-bM-^@M-^P |
66 | vate keys are not exposed to clients using the agent. | 73 | vate keys are not exposed to clients using the agent. |
67 | 74 | ||
68 | A unix-domain socket is created and the name of this socket is stored in | 75 | A unixM-bM-^@M-^Pdomain socket is created and the name of this socket is stored in |
69 | the SSH_AUTH_SOCK environment variable. The socket is made accessible | 76 | the SSH_AUTH_SOCK environment variable. The socket is made accessible |
70 | only to the current user. This method is easily abused by root or | 77 | only to the current user. This method is easily abused by root or |
71 | another instance of the same user. | 78 | another instance of the same user. |
72 | 79 | ||
73 | The SSH_AGENT_PID environment variable holds the agent's process ID. | 80 | The SSH_AGENT_PID environment variable holds the agentM-bM-^@M-^Ys process ID. |
74 | 81 | ||
75 | The agent exits automatically when the command given on the command line | 82 | The agent exits automatically when the command given on the command line |
76 | terminates. | 83 | terminates. |
77 | 84 | ||
78 | FILES | 85 | ^[[1mFILES^[[0m |
79 | $HOME/.ssh/identity | 86 | $HOME/.ssh/identity |
80 | Contains the protocol version 1 RSA authentication identity of | 87 | Contains the protocol version 1 RSA authentication identity of |
81 | the user. | 88 | the user. |
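Review bot: New lines 72-85 carry no wording change, only churn from the non-ASCII rendering: "agent's" becomes "agentM-bM-^@M-^Ys", "unix-domain" becomes "unixM-bM-^@M-^Pdomain", and the FILES heading is wrapped in "^[[1m" and "^[[0m". As committed, a text search for "unix-domain" or "agent's" no longer matches this file, and these lines sit next to the SSH_AUTH_SOCK and socket-access text that readers are likely to search for. This hunk should drop out entirely once the page is regenerated as plain ASCII.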
@@ -88,20 +95,20 @@ FILES | |||
88 | Contains the protocol version 2 RSA authentication identity of | 95 | Contains the protocol version 2 RSA authentication identity of |
89 | the user. | 96 | the user. |
90 | 97 | ||
91 | /tmp/ssh-XXXXXXXX/agent.<ppid> | 98 | /tmp/sshM-bM-^@M-^PXXXXXXXX/agent.<ppid> |
92 | Unix-domain sockets used to contain the connection to the authenM-- | 99 | UnixM-bM-^@M-^Pdomain sockets used to contain the connection to the authenM-bM-^@M-^P |
93 | tication agent. These sockets should only be readable by the | 100 | tication agent. These sockets should only be readable by the |
94 | owner. The sockets should get automatically removed when the | 101 | owner. The sockets should get automatically removed when the |
95 | agent exits. | 102 | agent exits. |
96 | 103 | ||
97 | AUTHORS | 104 | ^[[1mAUTHORS^[[0m |
98 | OpenSSH is a derivative of the original and free ssh 1.2.12 release by | 105 | OpenSSH is a derivative of the original and free ssh 1.2.12 release by |
99 | Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo | 106 | Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo |
100 | de Raadt and Dug Song removed many bugs, re-added newer features and creM-- | 107 | de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P |
101 | ated OpenSSH. Markus Friedl contributed the support for SSH protocol | 108 | ated OpenSSH. Markus Friedl contributed the support for SSH protocol |
102 | versions 1.5 and 2.0. | 109 | versions 1.5 and 2.0. |
103 | 110 | ||
104 | SEE ALSO | 111 | ^[[1mSEE ALSO^[[0m |
105 | ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) | 112 | ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pkeygen(1), sshd(8) |
106 | 113 | ||
107 | BSD September 25, 1999 BSD | 114 | BSD September 25, 1999 BSD |
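Review bot: The socket path under FILES (new line 98) now reads "/tmp/sshM-bM-^@M-^PXXXXXXXX/agent.<ppid>", so the documented path no longer matches the ASCII path "/tmp/ssh-XXXXXXXX/agent.<ppid>" on the old side; path literals and the SEE ALSO entries on new line 112 ("sshM-bM-^@M-^Padd(1)", "sshM-bM-^@M-^Pkeygen(1)") should keep ASCII hyphens so they can be copied and looked up. Separately, the footer on new line 114 still shows September 25, 1999 although this commit adds the -t option text in the first hunk; please check whether the document date in the man source should be updated.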