===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-add.1,v
retrieving revision 1.35
retrieving revision 1.35.2.3
diff -u -r1.35 -r1.35.2.3
--- src/usr.bin/ssh/ssh-add.1	2002/06/19 00:27:55	1.35
+++ src/usr.bin/ssh/ssh-add.1	2003/09/16 21:20:27	1.35.2.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.35 2002/06/19 00:27:55 deraadt Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.35.2.3 2003/09/16 21:20:27 brad Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -45,7 +45,7 @@
 .Nd adds RSA or DSA identities to the authentication agent
 .Sh SYNOPSIS
 .Nm ssh-add
-.Op Fl lLdDxX
+.Op Fl lLdDxXc
 .Op Fl t Ar life
 .Op Ar
 .Nm ssh-add
@@ -92,7 +92,16 @@
 Set a maximum lifetime when adding identities to an agent.
 The lifetime may be specified in seconds or in a time format
 specified in
-.Xr sshd 8 .
+.Xr sshd_config 5 .
+.It Fl c
+Indicates that added identities should be subject to confirmation before
+being used for authentication.
+Confirmation is performed by the
+.Ev SSH_ASKPASS
+program mentioned below.
+Successful confirmation is signaled by a zero exit status from the
+.Ev SSH_ASKPASS
+program, rather than text entered into the requester.
 .It Fl s Ar reader
 Add key in smartcard
 .Ar reader .
@@ -100,20 +109,6 @@
 Remove key in smartcard
 .Ar reader .
 .El
-.Sh FILES
-.Bl -tag -width Ds
-.It Pa $HOME/.ssh/identity
-Contains the protocol version 1 RSA authentication identity of the user.
-.It Pa $HOME/.ssh/id_dsa
-Contains the protocol version 2 DSA authentication identity of the user.
-.It Pa $HOME/.ssh/id_rsa
-Contains the protocol version 2 RSA authentication identity of the user.
-.El
-.Pp
-Identity files should not be readable by anyone but the user.
-Note that
-.Nm
-ignores identity files if they are accessible by others.
 .Sh ENVIRONMENT
 .Bl -tag -width Ds
 .It Ev "DISPLAY" and "SSH_ASKPASS"
@@ -143,11 +138,30 @@
 Identifies the path of a unix-domain socket used to communicate with the
 agent.
 .El
+.Sh FILES
+.Bl -tag -width Ds
+.It Pa $HOME/.ssh/identity
+Contains the protocol version 1 RSA authentication identity of the user.
+.It Pa $HOME/.ssh/id_dsa
+Contains the protocol version 2 DSA authentication identity of the user.
+.It Pa $HOME/.ssh/id_rsa
+Contains the protocol version 2 RSA authentication identity of the user.
+.El
+.Pp
+Identity files should not be readable by anyone but the user.
+Note that
+.Nm
+ignores identity files if they are accessible by others.
 .Sh DIAGNOSTICS
 Exit status is 0 on success, 1 if the specified command fails,
 and 2 if
 .Nm
 is unable to contact the authentication agent.
+.Sh SEE ALSO
+.Xr ssh 1 ,
+.Xr ssh-agent 1 ,
+.Xr ssh-keygen 1 ,
+.Xr sshd 8
 .Sh AUTHORS
 OpenSSH is a derivative of the original and free
 ssh 1.2.12 release by Tatu Ylonen.
@@ -157,8 +171,3 @@
 created OpenSSH.
 Markus Friedl contributed the support for SSH
 protocol versions 1.5 and 2.0.
-.Sh SEE ALSO
-.Xr ssh 1 ,
-.Xr ssh-agent 1 ,
-.Xr ssh-keygen 1 ,
-.Xr sshd 8