summaryrefslogtreecommitdiff
path: root/ssh-agent.1
diff options
context:
space:
mode:
Diffstat (limited to 'ssh-agent.1')
-rw-r--r--ssh-agent.153
1 files changed, 16 insertions, 37 deletions
diff --git a/ssh-agent.1 b/ssh-agent.1
index 281ecbdcf..a1e634fe0 100644
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-agent.1,v 1.54 2013/12/07 11:58:46 naddy Exp $ 1.\" $OpenBSD: ssh-agent.1,v 1.55 2014/04/16 23:28:12 djm Exp $
2.\" 2.\"
3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.Dd $Mdocdate: December 7 2013 $ 37.Dd $Mdocdate: April 16 2014 $
38.Dt SSH-AGENT 1 38.Dt SSH-AGENT 1
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -54,9 +54,8 @@
54.Nm 54.Nm
55is a program to hold private keys used for public key authentication 55is a program to hold private keys used for public key authentication
56(RSA, DSA, ECDSA, ED25519). 56(RSA, DSA, ECDSA, ED25519).
57The idea is that
58.Nm 57.Nm
59is started in the beginning of an X-session or a login session, and 58is usually started in the beginning of an X-session or a login session, and
60all other windows or programs are started as clients to the ssh-agent 59all other windows or programs are started as clients to the ssh-agent
61program. 60program.
62Through use of environment variables the agent can be located 61Through use of environment variables the agent can be located
@@ -64,6 +63,19 @@ and automatically used for authentication when logging in to other
64machines using 63machines using
65.Xr ssh 1 . 64.Xr ssh 1 .
66.Pp 65.Pp
66The agent initially does not have any private keys.
67Keys are added using
68.Xr ssh-add 1 .
69Multiple identities may be stored in
70.Nm
71concurrently and
72.Xr ssh 1
73will automatically use them if present.
74.Xr ssh-add 1
75is also used to remove keys from
76.Nm
77and to query the keys that are held in one.
78.Pp
67The options are as follows: 79The options are as follows:
68.Bl -tag -width Ds 80.Bl -tag -width Ds
69.It Fl a Ar bind_address 81.It Fl a Ar bind_address
@@ -107,29 +119,6 @@ Without this option the default maximum lifetime is forever.
107If a commandline is given, this is executed as a subprocess of the agent. 119If a commandline is given, this is executed as a subprocess of the agent.
108When the command dies, so does the agent. 120When the command dies, so does the agent.
109.Pp 121.Pp
110The agent initially does not have any private keys.
111Keys are added using
112.Xr ssh-add 1 .
113When executed without arguments,
114.Xr ssh-add 1
115adds the files
116.Pa ~/.ssh/id_rsa ,
117.Pa ~/.ssh/id_dsa ,
118.Pa ~/.ssh/id_ecdsa ,
119.Pa ~/.ssh/id_ed25519
120and
121.Pa ~/.ssh/identity .
122If the identity has a passphrase,
123.Xr ssh-add 1
124asks for the passphrase on the terminal if it has one or from a small X11
125program if running under X11.
126If neither of these is the case then the authentication will fail.
127It then sends the identity to the agent.
128Several identities can be stored in the
129agent; the agent can automatically use any of these identities.
130.Ic ssh-add -l
131displays the identities currently held by the agent.
132.Pp
133The idea is that the agent is run in the user's local PC, laptop, or 122The idea is that the agent is run in the user's local PC, laptop, or
134terminal. 123terminal.
135Authentication data need not be stored on any other 124Authentication data need not be stored on any other
@@ -185,16 +174,6 @@ The agent exits automatically when the command given on the command
185line terminates. 174line terminates.
186.Sh FILES 175.Sh FILES
187.Bl -tag -width Ds 176.Bl -tag -width Ds
188.It Pa ~/.ssh/identity
189Contains the protocol version 1 RSA authentication identity of the user.
190.It Pa ~/.ssh/id_dsa
191Contains the protocol version 2 DSA authentication identity of the user.
192.It Pa ~/.ssh/id_ecdsa
193Contains the protocol version 2 ECDSA authentication identity of the user.
194.It Pa ~/.ssh/id_ed25519
195Contains the protocol version 2 ED25519 authentication identity of the user.
196.It Pa ~/.ssh/id_rsa
197Contains the protocol version 2 RSA authentication identity of the user.
198.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt 177.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
199.Ux Ns -domain 178.Ux Ns -domain
200sockets used to contain the connection to the authentication agent. 179sockets used to contain the connection to the authentication agent.