Annotation of src/usr.bin/ssh/ssh-add.1, Revision 1.16
1.1 deraadt 1: .\" -*- nroff -*-
2: .\"
3: .\" ssh-add.1
4: .\"
5: .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6: .\"
7: .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8: .\" All rights reserved
9: .\"
10: .\" Created: Sat Apr 22 23:55:14 1995 ylo
11: .\"
1.16 ! itojun 12: .\" $Id: ssh-add.1,v 1.15 2000/08/25 16:16:15 deraadt Exp $
1.1 deraadt 13: .\"
1.2 deraadt 14: .Dd September 25, 1999
15: .Dt SSH-ADD 1
16: .Os
17: .Sh NAME
18: .Nm ssh-add
1.14 markus 19: .Nd adds RSA or DSA identities for the authentication agent
1.2 deraadt 20: .Sh SYNOPSIS
21: .Nm ssh-add
1.7 markus 22: .Op Fl lLdD
1.2 deraadt 23: .Op Ar
1.12 aaron 24: .Sh DESCRIPTION
1.2 deraadt 25: .Nm
1.14 markus 26: adds RSA or DSA identities to the authentication agent,
1.2 deraadt 27: .Xr ssh-agent 1 .
1.1 deraadt 28: When run without arguments, it adds the file
1.2 deraadt 29: .Pa $HOME/.ssh/identity .
1.11 aaron 30: Alternative file names can be given on the command line.
31: If any file requires a passphrase,
1.2 deraadt 32: .Nm
1.12 aaron 33: asks for the passphrase from the user.
1.11 aaron 34: The Passphrase it is read from the user's tty.
1.2 deraadt 35: .Pp
1.1 deraadt 36: The authentication agent must be running and must be an ancestor of
37: the current process for
1.2 deraadt 38: .Nm
1.1 deraadt 39: to work.
1.2 deraadt 40: .Pp
41: The options are as follows:
42: .Bl -tag -width Ds
43: .It Fl l
1.7 markus 44: Lists fingerprints of all identities currently represented by the agent.
45: .It Fl L
46: Lists public key parameters of all identities currently represented by the agent.
1.2 deraadt 47: .It Fl d
1.1 deraadt 48: Instead of adding the identity, removes the identity from the agent.
1.2 deraadt 49: .It Fl D
1.1 deraadt 50: Deletes all identities from the agent.
1.2 deraadt 51: .El
52: .Sh FILES
53: .Bl -tag -width Ds
1.9 markus 54: .It Pa $HOME/.ssh/identity
1.11 aaron 55: Contains the RSA authentication identity of the user.
56: This file should not be readable by anyone but the user.
1.4 markus 57: Note that
58: .Nm
59: ignores this file if it is accessible by others.
60: It is possible to
1.1 deraadt 61: specify a passphrase when generating the key; that passphrase will be
1.11 aaron 62: used to encrypt the private part of this file.
63: This is the default file added by
1.2 deraadt 64: .Nm
1.1 deraadt 65: when no other files have been specified.
1.14 markus 66: .It Pa $HOME/.ssh/id_dsa
67: Contains the DSA authentication identity of the user.
1.16 ! itojun 68: .El
1.9 markus 69: .Sh ENVIRONMENT
70: .Bl -tag -width Ds
71: .It Ev "DISPLAY" and "SSH_ASKPASS"
1.1 deraadt 72: If
1.2 deraadt 73: .Nm
1.1 deraadt 74: needs a passphrase, it will read the passphrase from the current
1.11 aaron 75: terminal if it was run from a terminal.
76: If
1.2 deraadt 77: .Nm
1.1 deraadt 78: does not have a terminal associated with it but
1.2 deraadt 79: .Ev DISPLAY
1.8 markus 80: and
81: .Ev SSH_ASKPASS
82: are set, it will execute the program specified by
83: .Ev SSH_ASKPASS
1.11 aaron 84: and open an X11 window to read the passphrase.
85: This is particularly useful when calling
1.2 deraadt 86: .Nm
87: from a
88: .Pa .Xsession
1.11 aaron 89: or related script.
90: (Note that on some machines it
1.2 deraadt 91: may be necessary to redirect the input from
92: .Pa /dev/null
93: to make this work.)
1.16 ! itojun 94: .El
1.2 deraadt 95: .Sh AUTHOR
1.1 deraadt 96: Tatu Ylonen <ylo@cs.hut.fi>
1.3 deraadt 97: .Pp
1.5 deraadt 98: OpenSSH
99: is a derivative of the original (free) ssh 1.2.12 release, but with bugs
1.11 aaron 100: removed and newer features re-added.
101: Rapidly after the 1.2.12 release,
102: newer versions bore successively more restrictive licenses.
103: This version of OpenSSH
1.5 deraadt 104: .Bl -bullet
105: .It
1.10 aaron 106: has all components of a restrictive nature (i.e., patents, see
1.5 deraadt 107: .Xr ssl 8 )
108: directly removed from the source code; any licensed or patented components
109: are chosen from
110: external libraries.
111: .It
112: has been updated to support ssh protocol 1.5.
113: .It
1.12 aaron 114: contains added support for
1.5 deraadt 115: .Xr kerberos 8
116: authentication and ticket passing.
117: .It
118: supports one-time password authentication with
119: .Xr skey 1 .
120: .El
1.2 deraadt 121: .Sh SEE ALSO
122: .Xr ssh 1 ,
123: .Xr ssh-agent 1 ,
124: .Xr ssh-keygen 1 ,
1.3 deraadt 125: .Xr sshd 8 ,
126: .Xr ssl 8