=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-add.1,v retrieving revision 1.27 retrieving revision 1.27.2.2 diff -u -r1.27 -r1.27.2.2 --- src/usr.bin/ssh/ssh-add.1 2001/08/23 18:08:59 1.27 +++ src/usr.bin/ssh/ssh-add.1 2002/06/22 07:23:17 1.27.2.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.27 2001/08/23 18:08:59 stevesk Exp $ +.\" $OpenBSD: ssh-add.1,v 1.27.2.2 2002/06/22 07:23:17 miod Exp $ .\" .\" -*- nroff -*- .\" @@ -45,7 +45,8 @@ .Nd adds RSA or DSA identities to the authentication agent .Sh SYNOPSIS .Nm ssh-add -.Op Fl lLdD +.Op Fl lLdDxX +.Op Fl t Ar life .Op Ar .Nm ssh-add .Fl s Ar reader @@ -55,7 +56,10 @@ .Nm adds RSA or DSA identities to the authentication agent, .Xr ssh-agent 1 . -When run without arguments, it adds the file +When run without arguments, it adds the files +.Pa $HOME/.ssh/id_rsa , +.Pa $HOME/.ssh/id_dsa +and .Pa $HOME/.ssh/identity . Alternative file names can be given on the command line. If any file requires a passphrase, @@ -80,6 +84,15 @@ Instead of adding the identity, removes the identity from the agent. .It Fl D Deletes all identities from the agent. +.It Fl x +Lock the agent with a password. +.It Fl X +Unlock the agent. +.It Fl t Ar life +Set a maximum lifetime when adding identities to an agent. +The lifetime may be specified in seconds or in a time format +specified in +.Xr sshd 8 . .It Fl s Ar reader Add key in smartcard .Ar reader . 
@@ -91,21 +104,16 @@ .Bl -tag -width Ds .It Pa $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. -This file should not be readable by anyone but the user. -Note that -.Nm -ignores this file if it is accessible by others. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file. -This is the default file added by -.Nm -when no other files have been specified. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. .El +.Pp +Identity files should not be readable by anyone but the user. +Note that +.Nm +ignores identity files if they are accessible by others. .Sh ENVIRONMENT .Bl -tag -width Ds .It Ev "DISPLAY" and "SSH_ASKPASS" @@ -131,7 +139,15 @@ may be necessary to redirect the input from .Pa /dev/null to make this work.) +.It Ev SSH_AUTH_SOCK +Identifies the path of a unix-domain socket used to communicate with the +agent. .El +.Sh DIAGNOSTICS +Exit status is 0 on success, 1 if the specified command fails, +and 2 if +.Nm +is unable to contact the authentication agent. .Sh AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.
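Review bot: In the DESCRIPTION hunk (@@ -55,7 +56,10 @@), the new sentence "When run without arguments, it adds the files" names three default files but does not say what happens when only some of them exist. State whether missing defaults are skipped silently, and whether a missing default counts as a failure for the exit status 1 documented in the new DIAGNOSTICS section. The order used here (id_rsa, id_dsa, identity) also differs from the FILES list (identity, id_dsa, id_rsa); using one order in both places would make the page easier to scan.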
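Review bot: In the options hunk (@@ -80,6 +84,15 @@), the entries for -x and -X are missing the behaviour a user needs to rely on them: "Lock the agent with a password." does not say what a locked agent refuses to do or how the password is supplied, and "Unlock the agent." does not say that the same password is needed. The -t entry likewise says "Set a maximum lifetime" without stating what happens to the identity when the lifetime expires, or that identities added without -t have no limit, if that is the case. Suggest one sentence each for those points, and naming the relevant section of sshd(8) rather than only "a time format specified in" it.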
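Review bot: In the FILES hunk (@@ -91,21 +104,16 @@), the removed sentence "that passphrase will be used to encrypt the private part of this file" is not carried into the new shared .Pp paragraph, so the page no longer mentions passphrase protection of the private key files at all. Suggest adding a generalized version of it next to "Identity files should not be readable by anyone but the user." The phrase "accessible by others" would also be clearer if it stated which permissions cause a file to be ignored, since the preceding sentence speaks only of readability.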
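Review bot: In the ENVIRONMENT/DIAGNOSTICS hunk (@@ -131,7 +139,15 @@), "1 if the specified command fails" is ambiguous when several identity files are given and only some of them fail to load; state whether a partial failure yields 1. The new SSH_AUTH_SOCK entry does not say what happens when the variable is unset or points at a socket that no longer exists; if that is the exit status 2 case ("unable to contact the authentication agent"), say so in the entry so scripts can tell a missing agent from a rejected key.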