diff options
Diffstat (limited to 'ssh-add.0')
| -rw-r--r-- | ssh-add.0 | 41 |
1 files changed, 26 insertions, 15 deletions
| @@ -1,10 +1,11 @@ | |||
| 1 | SSH-ADD(1) General Commands Manual SSH-ADD(1) | 1 | SSH-ADD(1) General Commands Manual SSH-ADD(1) |
| 2 | 2 | ||
| 3 | NAME | 3 | NAME |
| 4 | ssh-add M-bM-^@M-^S adds private key identities to the authentication agent | 4 | ssh-add M-bM-^@M-^S adds private key identities to the OpenSSH authentication agent |
| 5 | 5 | ||
| 6 | SYNOPSIS | 6 | SYNOPSIS |
| 7 | ssh-add [-cDdkLlqvXx] [-E fingerprint_hash] [-t life] [file ...] | 7 | ssh-add [-cDdKkLlqvXx] [-E fingerprint_hash] [-S provider] [-t life] |
| 8 | [file ...] | ||
| 8 | ssh-add -s pkcs11 | 9 | ssh-add -s pkcs11 |
| 9 | ssh-add -e pkcs11 | 10 | ssh-add -e pkcs11 |
| 10 | ssh-add -T pubkey ... | 11 | ssh-add -T pubkey ... |
| @@ -12,11 +13,11 @@ SYNOPSIS | |||
| 12 | DESCRIPTION | 13 | DESCRIPTION |
| 13 | ssh-add adds private key identities to the authentication agent, | 14 | ssh-add adds private key identities to the authentication agent, |
| 14 | ssh-agent(1). When run without arguments, it adds the files | 15 | ssh-agent(1). When run without arguments, it adds the files |
| 15 | ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, and ~/.ssh/id_ed25519. | 16 | ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, |
| 16 | After loading a private key, ssh-add will try to load corresponding | 17 | ~/.ssh/id_ed25519, and ~/.ssh/id_ed25519_sk. After loading a private |
| 17 | certificate information from the filename obtained by appending -cert.pub | 18 | key, ssh-add will try to load corresponding certificate information from |
| 18 | to the name of the private key file. Alternative file names can be given | 19 | the filename obtained by appending -cert.pub to the name of the private |
| 19 | on the command line. | 20 | key file. Alternative file names can be given on the command line. |
| 20 | 21 | ||
| 21 | If any file requires a passphrase, ssh-add asks for the passphrase from | 22 | If any file requires a passphrase, ssh-add asks for the passphrase from |
| 22 | the user. The passphrase is read from the user's tty. ssh-add retries | 23 | the user. The passphrase is read from the user's tty. ssh-add retries |
| @@ -52,6 +53,8 @@ DESCRIPTION | |||
| 52 | -e pkcs11 | 53 | -e pkcs11 |
| 53 | Remove keys provided by the PKCS#11 shared library pkcs11. | 54 | Remove keys provided by the PKCS#11 shared library pkcs11. |
| 54 | 55 | ||
| 56 | -K Load resident keys from a FIDO authenticator. | ||
| 57 | |||
| 55 | -k When loading keys into or deleting keys from the agent, process | 58 | -k When loading keys into or deleting keys from the agent, process |
| 56 | plain private keys only and skip certificates. | 59 | plain private keys only and skip certificates. |
| 57 | 60 | ||
| @@ -63,6 +66,11 @@ DESCRIPTION | |||
| 63 | 66 | ||
| 64 | -q Be quiet after a successful operation. | 67 | -q Be quiet after a successful operation. |
| 65 | 68 | ||
| 69 | -S provider | ||
| 70 | Specifies a path to a library that will be used when adding FIDO | ||
| 71 | authenticator-hosted keys, overriding the default of using the | ||
| 72 | internal USB HID support. | ||
| 73 | |||
| 66 | -s pkcs11 | 74 | -s pkcs11 |
| 67 | Add keys provided by the PKCS#11 shared library pkcs11. | 75 | Add keys provided by the PKCS#11 shared library pkcs11. |
| 68 | 76 | ||
| @@ -100,18 +108,21 @@ ENVIRONMENT | |||
| 100 | Identifies the path of a UNIX-domain socket used to communicate | 108 | Identifies the path of a UNIX-domain socket used to communicate |
| 101 | with the agent. | 109 | with the agent. |
| 102 | 110 | ||
| 111 | SSH_SK_PROVIDER | ||
| 112 | Specifies a path to a library that will be used when loading any | ||
| 113 | FIDO authenticator-hosted keys, overriding the default of using | ||
| 114 | the built-in USB HID support. | ||
| 115 | |||
| 103 | FILES | 116 | FILES |
| 104 | ~/.ssh/id_dsa | 117 | ~/.ssh/id_dsa |
| 105 | Contains the DSA authentication identity of the user. | ||
| 106 | |||
| 107 | ~/.ssh/id_ecdsa | 118 | ~/.ssh/id_ecdsa |
| 108 | Contains the ECDSA authentication identity of the user. | 119 | ~/.ssh/id_ecdsa_sk |
| 109 | |||
| 110 | ~/.ssh/id_ed25519 | 120 | ~/.ssh/id_ed25519 |
| 111 | Contains the Ed25519 authentication identity of the user. | 121 | ~/.ssh/id_ed25519_sk |
| 112 | |||
| 113 | ~/.ssh/id_rsa | 122 | ~/.ssh/id_rsa |
| 114 | Contains the RSA authentication identity of the user. | 123 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
| 124 | authenticator-hosted Ed25519 or RSA authentication identity of | ||
| 125 | the user. | ||
| 115 | 126 | ||
| 116 | Identity files should not be readable by anyone but the user. Note that | 127 | Identity files should not be readable by anyone but the user. Note that |
| 117 | ssh-add ignores identity files if they are accessible by others. | 128 | ssh-add ignores identity files if they are accessible by others. |
| @@ -130,4 +141,4 @@ AUTHORS | |||
| 130 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 141 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
| 131 | versions 1.5 and 2.0. | 142 | versions 1.5 and 2.0. |
| 132 | 143 | ||
| 133 | OpenBSD 6.6 January 21, 2019 OpenBSD 6.6 | 144 | OpenBSD 6.6 February 7, 2020 OpenBSD 6.6 |