diff options
Diffstat (limited to 'ssh-agent.0')
-rw-r--r-- | ssh-agent.0 | 76 |
1 files changed, 38 insertions, 38 deletions
diff --git a/ssh-agent.0 b/ssh-agent.0 index aa7aebf03..48cc9b36e 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 | |||
@@ -1,63 +1,63 @@ | |||
1 | SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM-bM-^@M-^PAGENT(1) | 1 | SSH-AGENT(1) BSD General Commands Manual SSH-AGENT(1) |
2 | 2 | ||
3 | ^[[1mNAME^[[0m | 3 | NAME |
4 | ^[[1msshM-bM-^@M-^Pagent ^[[22mM-bMM-^R authentication agent | 4 | ssh-agent - authentication agent |
5 | 5 | ||
6 | ^[[1mSYNOPSIS^[[0m | 6 | SYNOPSIS |
7 | ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[24m] [^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] [^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[24m] [^[[1mM-bMM-^Rd^[[22m] [^[[4mcommand^[[24m [^[[4margs^[[24m ^[[4m...^[[24m]] | 7 | ssh-agent [-a bind_address] [-c | -s] [-t life] [-d] [command [args ...]] |
8 | ^[[1msshM-bM-^@M-^Pagent ^[[22m[^[[1mM-bMM-^Rc ^[[22m| ^[[1mM-bMM-^Rs^[[22m] ^[[1mM-bMM-^Rk^[[0m | 8 | ssh-agent [-c | -s] -k |
9 | 9 | ||
10 | ^[[1mDESCRIPTION^[[0m | 10 | DESCRIPTION |
11 | ^[[1msshM-bM-^@M-^Pagent ^[[22mis a program to hold private keys used for public key authentiM-bM-^@M-^P | 11 | ssh-agent is a program to hold private keys used for public key authenti- |
12 | cation (RSA, DSA). The idea is that ^[[1msshM-bM-^@M-^Pagent ^[[22mis started in the beginM-bM-^@M-^P | 12 | cation (RSA, DSA). The idea is that ssh-agent is started in the begin- |
13 | ning of an XM-bM-^@M-^Psession or a login session, and all other windows or proM-bM-^@M-^P | 13 | ning of an X-session or a login session, and all other windows or pro- |
14 | grams are started as clients to the sshM-bM-^@M-^Pagent program. Through use of | 14 | grams are started as clients to the ssh-agent program. Through use of |
15 | environment variables the agent can be located and automatically used for | 15 | environment variables the agent can be located and automatically used for |
16 | authentication when logging in to other machines using ssh(1). | 16 | authentication when logging in to other machines using ssh(1). |
17 | 17 | ||
18 | The options are as follows: | 18 | The options are as follows: |
19 | 19 | ||
20 | ^[[1mM-bMM-^Ra ^[[4m^[[22mbind_address^[[0m | 20 | -a bind_address |
21 | Bind the agent to the unixM-bM-^@M-^Pdomain socket ^[[4mbind_address^[[24m. The | 21 | Bind the agent to the unix-domain socket bind_address. The |
22 | default is ^[[4m/tmp/sshM-bM-^@M-^PXXXXXXXX/agent.<ppid>^[[24m. | 22 | default is /tmp/ssh-XXXXXXXX/agent.<ppid>. |
23 | 23 | ||
24 | ^[[1mM-bMM-^Rc ^[[22mGenerate CM-bM-^@M-^Pshell commands on stdout. This is the default if | 24 | -c Generate C-shell commands on stdout. This is the default if |
25 | SHELL looks like itM-bM-^@M-^Ys a csh style of shell. | 25 | SHELL looks like itM-bM-^@M-^Ys a csh style of shell. |
26 | 26 | ||
27 | ^[[1mM-bMM-^Rs ^[[22mGenerate Bourne shell commands on stdout. This is the default if | 27 | -s Generate Bourne shell commands on stdout. This is the default if |
28 | SHELL does not look like itM-bM-^@M-^Ys a csh style of shell. | 28 | SHELL does not look like itM-bM-^@M-^Ys a csh style of shell. |
29 | 29 | ||
30 | ^[[1mM-bMM-^Rk ^[[22mKill the current agent (given by the SSH_AGENT_PID environment | 30 | -k Kill the current agent (given by the SSH_AGENT_PID environment |
31 | variable). | 31 | variable). |
32 | 32 | ||
33 | ^[[1mM-bMM-^Rt ^[[4m^[[22mlife^[[0m | 33 | -t life |
34 | Set a default value for the maximum lifetime of identities added | 34 | Set a default value for the maximum lifetime of identities added |
35 | to the agent. The lifetime may be specified in seconds or in a | 35 | to the agent. The lifetime may be specified in seconds or in a |
36 | time format specified in sshd(8). A lifetime specified for an | 36 | time format specified in sshd(8). A lifetime specified for an |
37 | identity with sshM-bM-^@M-^Padd(1) overrides this value. Without this | 37 | identity with ssh-add(1) overrides this value. Without this |
38 | option the default maximum lifetime is forever. | 38 | option the default maximum lifetime is forever. |
39 | 39 | ||
40 | ^[[1mM-bMM-^Rd ^[[22mDebug mode. When this option is specified ^[[1msshM-bM-^@M-^Pagent ^[[22mwill not | 40 | -d Debug mode. When this option is specified ssh-agent will not |
41 | fork. | 41 | fork. |
42 | 42 | ||
43 | If a commandline is given, this is executed as a subprocess of the agent. | 43 | If a commandline is given, this is executed as a subprocess of the agent. |
44 | When the command dies, so does the agent. | 44 | When the command dies, so does the agent. |
45 | 45 | ||
46 | The agent initially does not have any private keys. Keys are added using | 46 | The agent initially does not have any private keys. Keys are added using |
47 | sshM-bM-^@M-^Padd(1). When executed without arguments, sshM-bM-^@M-^Padd(1) adds the files | 47 | ssh-add(1). When executed without arguments, ssh-add(1) adds the files |
48 | ^[[4m$HOME/.ssh/id_rsa^[[24m, ^[[4m$HOME/.ssh/id_dsa^[[24m and ^[[4m$HOME/.ssh/identity^[[24m. If the | 48 | $HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. If the |
49 | identity has a passphrase, sshM-bM-^@M-^Padd(1) asks for the passphrase (using a | 49 | identity has a passphrase, ssh-add(1) asks for the passphrase (using a |
50 | small X11 application if running under X11, or from the terminal if runM-bM-^@M-^P | 50 | small X11 application if running under X11, or from the terminal if run- |
51 | ning without X). It then sends the identity to the agent. Several idenM-bM-^@M-^P | 51 | ning without X). It then sends the identity to the agent. Several iden- |
52 | tities can be stored in the agent; the agent can automatically use any of | 52 | tities can be stored in the agent; the agent can automatically use any of |
53 | these identities. ^[[1msshM-bM-^@M-^Padd M-bM-^@M-^Pl ^[[22mdisplays the identities currently held by | 53 | these identities. ssh-add -l displays the identities currently held by |
54 | the agent. | 54 | the agent. |
55 | 55 | ||
56 | The idea is that the agent is run in the userM-bM-^@M-^Ys local PC, laptop, or terM-bM-^@M-^P | 56 | The idea is that the agent is run in the userM-bM-^@M-^Ys local PC, laptop, or ter- |
57 | minal. Authentication data need not be stored on any other machine, and | 57 | minal. Authentication data need not be stored on any other machine, and |
58 | authentication passphrases never go over the network. However, the conM-bM-^@M-^P | 58 | authentication passphrases never go over the network. However, the con- |
59 | nection to the agent is forwarded over SSH remote logins, and the user | 59 | nection to the agent is forwarded over SSH remote logins, and the user |
60 | can thus use the privileges given by the identities anywhere in the netM-bM-^@M-^P | 60 | can thus use the privileges given by the identities anywhere in the net- |
61 | work in a secure way. | 61 | work in a secure way. |
62 | 62 | ||
63 | There are two main ways to get an agent setup: Either the agent starts a | 63 | There are two main ways to get an agent setup: Either the agent starts a |
@@ -69,10 +69,10 @@ SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM | |||
69 | 69 | ||
70 | The agent will never send a private key over its request channel. | 70 | The agent will never send a private key over its request channel. |
71 | Instead, operations that require a private key will be performed by the | 71 | Instead, operations that require a private key will be performed by the |
72 | agent, and the result will be returned to the requester. This way, priM-bM-^@M-^P | 72 | agent, and the result will be returned to the requester. This way, pri- |
73 | vate keys are not exposed to clients using the agent. | 73 | vate keys are not exposed to clients using the agent. |
74 | 74 | ||
75 | A unixM-bM-^@M-^Pdomain socket is created and the name of this socket is stored in | 75 | A unix-domain socket is created and the name of this socket is stored in |
76 | the SSH_AUTH_SOCK environment variable. The socket is made accessible | 76 | the SSH_AUTH_SOCK environment variable. The socket is made accessible |
77 | only to the current user. This method is easily abused by root or | 77 | only to the current user. This method is easily abused by root or |
78 | another instance of the same user. | 78 | another instance of the same user. |
@@ -82,7 +82,7 @@ SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM | |||
82 | The agent exits automatically when the command given on the command line | 82 | The agent exits automatically when the command given on the command line |
83 | terminates. | 83 | terminates. |
84 | 84 | ||
85 | ^[[1mFILES^[[0m | 85 | FILES |
86 | $HOME/.ssh/identity | 86 | $HOME/.ssh/identity |
87 | Contains the protocol version 1 RSA authentication identity of | 87 | Contains the protocol version 1 RSA authentication identity of |
88 | the user. | 88 | the user. |
@@ -95,20 +95,20 @@ SSHM-bM-^@M-^PAGENT(1) BSD General Commands Manual SSHM | |||
95 | Contains the protocol version 2 RSA authentication identity of | 95 | Contains the protocol version 2 RSA authentication identity of |
96 | the user. | 96 | the user. |
97 | 97 | ||
98 | /tmp/sshM-bM-^@M-^PXXXXXXXX/agent.<ppid> | 98 | /tmp/ssh-XXXXXXXX/agent.<ppid> |
99 | UnixM-bM-^@M-^Pdomain sockets used to contain the connection to the authenM-bM-^@M-^P | 99 | Unix-domain sockets used to contain the connection to the authen- |
100 | tication agent. These sockets should only be readable by the | 100 | tication agent. These sockets should only be readable by the |
101 | owner. The sockets should get automatically removed when the | 101 | owner. The sockets should get automatically removed when the |
102 | agent exits. | 102 | agent exits. |
103 | 103 | ||
104 | ^[[1mAUTHORS^[[0m | 104 | AUTHORS |
105 | OpenSSH is a derivative of the original and free ssh 1.2.12 release by | 105 | OpenSSH is a derivative of the original and free ssh 1.2.12 release by |
106 | Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo | 106 | Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo |
107 | de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P | 107 | de Raadt and Dug Song removed many bugs, re-added newer features and cre- |
108 | ated OpenSSH. Markus Friedl contributed the support for SSH protocol | 108 | ated OpenSSH. Markus Friedl contributed the support for SSH protocol |
109 | versions 1.5 and 2.0. | 109 | versions 1.5 and 2.0. |
110 | 110 | ||
111 | ^[[1mSEE ALSO^[[0m | 111 | SEE ALSO |
112 | ssh(1), sshM-bM-^@M-^Padd(1), sshM-bM-^@M-^Pkeygen(1), sshd(8) | 112 | ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) |
113 | 113 | ||
114 | BSD September 25, 1999 BSD | 114 | BSD September 25, 1999 BSD |