Annotation of src/usr.bin/ssh/ssh-add.1, Revision 1.14
1.1 deraadt 1: .\" -*- nroff -*-
2: .\"
3: .\" ssh-add.1
4: .\"
5: .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6: .\"
7: .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8: .\" All rights reserved
9: .\"
10: .\" Created: Sat Apr 22 23:55:14 1995 ylo
11: .\"
1.14 ! markus 12: .\" $Id: ssh-add.1,v 1.13 2000/05/03 18:04:38 markus Exp $
1.1 deraadt 13: .\"
1.2 deraadt 14: .Dd September 25, 1999
15: .Dt SSH-ADD 1
16: .Os
17: .Sh NAME
18: .Nm ssh-add
1.14 ! markus 19: .Nd adds RSA or DSA identities for the authentication agent
1.2 deraadt 20: .Sh SYNOPSIS
21: .Nm ssh-add
1.7 markus 22: .Op Fl lLdD
1.2 deraadt 23: .Op Ar
1.12 aaron 24: .Sh DESCRIPTION
1.2 deraadt 25: .Nm
1.14 ! markus 26: adds RSA or DSA identities to the authentication agent,
1.2 deraadt 27: .Xr ssh-agent 1 .
1.1 deraadt 28: When run without arguments, it adds the file
1.2 deraadt 29: .Pa $HOME/.ssh/identity .
1.11 aaron 30: Alternative file names can be given on the command line.
31: If any file requires a passphrase,
1.2 deraadt 32: .Nm
1.12 aaron 33: asks for the passphrase from the user.
1.11 aaron 34: The Passphrase it is read from the user's tty.
1.2 deraadt 35: .Pp
1.1 deraadt 36: The authentication agent must be running and must be an ancestor of
37: the current process for
1.2 deraadt 38: .Nm
1.1 deraadt 39: to work.
1.2 deraadt 40: .Pp
41: The options are as follows:
42: .Bl -tag -width Ds
43: .It Fl l
1.7 markus 44: Lists fingerprints of all identities currently represented by the agent.
45: .It Fl L
46: Lists public key parameters of all identities currently represented by the agent.
1.2 deraadt 47: .It Fl d
1.1 deraadt 48: Instead of adding the identity, removes the identity from the agent.
1.2 deraadt 49: .It Fl D
1.1 deraadt 50: Deletes all identities from the agent.
1.2 deraadt 51: .El
52: .Sh FILES
53: .Bl -tag -width Ds
1.9 markus 54: .It Pa $HOME/.ssh/identity
1.11 aaron 55: Contains the RSA authentication identity of the user.
56: This file should not be readable by anyone but the user.
1.4 markus 57: Note that
58: .Nm
59: ignores this file if it is accessible by others.
60: It is possible to
1.1 deraadt 61: specify a passphrase when generating the key; that passphrase will be
1.11 aaron 62: used to encrypt the private part of this file.
63: This is the default file added by
1.2 deraadt 64: .Nm
1.1 deraadt 65: when no other files have been specified.
1.14 ! markus 66: .It Pa $HOME/.ssh/id_dsa
! 67: Contains the DSA authentication identity of the user.
1.2 deraadt 68: .Pp
1.9 markus 69: .Sh ENVIRONMENT
70: .Bl -tag -width Ds
71: .It Ev "DISPLAY" and "SSH_ASKPASS"
1.1 deraadt 72: If
1.2 deraadt 73: .Nm
1.1 deraadt 74: needs a passphrase, it will read the passphrase from the current
1.11 aaron 75: terminal if it was run from a terminal.
76: If
1.2 deraadt 77: .Nm
1.1 deraadt 78: does not have a terminal associated with it but
1.2 deraadt 79: .Ev DISPLAY
1.8 markus 80: and
81: .Ev SSH_ASKPASS
82: are set, it will execute the program specified by
83: .Ev SSH_ASKPASS
1.11 aaron 84: and open an X11 window to read the passphrase.
85: This is particularly useful when calling
1.2 deraadt 86: .Nm
87: from a
88: .Pa .Xsession
1.11 aaron 89: or related script.
90: (Note that on some machines it
1.2 deraadt 91: may be necessary to redirect the input from
92: .Pa /dev/null
93: to make this work.)
94: .Sh AUTHOR
1.1 deraadt 95: Tatu Ylonen <ylo@cs.hut.fi>
1.3 deraadt 96: .Pp
1.5 deraadt 97: OpenSSH
98: is a derivative of the original (free) ssh 1.2.12 release, but with bugs
1.11 aaron 99: removed and newer features re-added.
100: Rapidly after the 1.2.12 release,
101: newer versions bore successively more restrictive licenses.
102: This version of OpenSSH
1.5 deraadt 103: .Bl -bullet
104: .It
1.10 aaron 105: has all components of a restrictive nature (i.e., patents, see
1.5 deraadt 106: .Xr ssl 8 )
107: directly removed from the source code; any licensed or patented components
108: are chosen from
109: external libraries.
110: .It
111: has been updated to support ssh protocol 1.5.
112: .It
1.12 aaron 113: contains added support for
1.5 deraadt 114: .Xr kerberos 8
115: authentication and ticket passing.
116: .It
117: supports one-time password authentication with
118: .Xr skey 1 .
119: .El
120: .Pp
121: The libraries described in
1.3 deraadt 122: .Xr ssl 8
123: are required for proper operation.
1.2 deraadt 124: .Sh SEE ALSO
125: .Xr ssh 1 ,
126: .Xr ssh-agent 1 ,
127: .Xr ssh-keygen 1 ,
1.3 deraadt 128: .Xr sshd 8 ,
129: .Xr ssl 8