Annotation of src/usr.bin/ssh/ssh-add.1, Revision 1.23
1.23 ! markus 1: .\" $OpenBSD: ssh-add.1,v 1.22 2001/03/02 18:54:31 deraadt Exp $
1.20 niklas 2: .\"
1.1 deraadt 3: .\" -*- nroff -*-
4: .\"
5: .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6: .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7: .\" All rights reserved
8: .\"
1.17 deraadt 9: .\" As far as I am concerned, the code I have written for this software
10: .\" can be used freely for any purpose. Any derived versions of this
11: .\" software must be clearly marked as such, and if the derived work is
12: .\" incompatible with the protocol description in the RFC file, it must be
13: .\" called by a name other than "ssh" or "Secure Shell".
14: .\"
15: .\"
1.22 deraadt 16: .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
17: .\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
18: .\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
1.17 deraadt 19: .\"
20: .\" Redistribution and use in source and binary forms, with or without
21: .\" modification, are permitted provided that the following conditions
22: .\" are met:
23: .\" 1. Redistributions of source code must retain the above copyright
24: .\" notice, this list of conditions and the following disclaimer.
25: .\" 2. Redistributions in binary form must reproduce the above copyright
26: .\" notice, this list of conditions and the following disclaimer in the
27: .\" documentation and/or other materials provided with the distribution.
1.1 deraadt 28: .\"
1.17 deraadt 29: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1.1 deraadt 39: .\"
1.2 deraadt 40: .Dd September 25, 1999
41: .Dt SSH-ADD 1
42: .Os
43: .Sh NAME
44: .Nm ssh-add
1.14 markus 45: .Nd adds RSA or DSA identities for the authentication agent
1.2 deraadt 46: .Sh SYNOPSIS
47: .Nm ssh-add
1.7 markus 48: .Op Fl lLdD
1.2 deraadt 49: .Op Ar
1.12 aaron 50: .Sh DESCRIPTION
1.2 deraadt 51: .Nm
1.14 markus 52: adds RSA or DSA identities to the authentication agent,
1.2 deraadt 53: .Xr ssh-agent 1 .
1.1 deraadt 54: When run without arguments, it adds the file
1.2 deraadt 55: .Pa $HOME/.ssh/identity .
1.11 aaron 56: Alternative file names can be given on the command line.
57: If any file requires a passphrase,
1.2 deraadt 58: .Nm
1.12 aaron 59: asks for the passphrase from the user.
1.11 aaron 60: The Passphrase it is read from the user's tty.
1.23 ! markus 61: .Nm
! 62: retries the last passphrase if multiple identity files are given.
1.2 deraadt 63: .Pp
1.1 deraadt 64: The authentication agent must be running and must be an ancestor of
65: the current process for
1.2 deraadt 66: .Nm
1.1 deraadt 67: to work.
1.2 deraadt 68: .Pp
69: The options are as follows:
70: .Bl -tag -width Ds
71: .It Fl l
1.7 markus 72: Lists fingerprints of all identities currently represented by the agent.
73: .It Fl L
74: Lists public key parameters of all identities currently represented by the agent.
1.2 deraadt 75: .It Fl d
1.1 deraadt 76: Instead of adding the identity, removes the identity from the agent.
1.2 deraadt 77: .It Fl D
1.1 deraadt 78: Deletes all identities from the agent.
1.2 deraadt 79: .El
80: .Sh FILES
81: .Bl -tag -width Ds
1.9 markus 82: .It Pa $HOME/.ssh/identity
1.11 aaron 83: Contains the RSA authentication identity of the user.
84: This file should not be readable by anyone but the user.
1.4 markus 85: Note that
86: .Nm
87: ignores this file if it is accessible by others.
88: It is possible to
1.1 deraadt 89: specify a passphrase when generating the key; that passphrase will be
1.11 aaron 90: used to encrypt the private part of this file.
91: This is the default file added by
1.2 deraadt 92: .Nm
1.1 deraadt 93: when no other files have been specified.
1.14 markus 94: .It Pa $HOME/.ssh/id_dsa
95: Contains the DSA authentication identity of the user.
1.16 itojun 96: .El
1.9 markus 97: .Sh ENVIRONMENT
98: .Bl -tag -width Ds
99: .It Ev "DISPLAY" and "SSH_ASKPASS"
1.1 deraadt 100: If
1.2 deraadt 101: .Nm
1.1 deraadt 102: needs a passphrase, it will read the passphrase from the current
1.11 aaron 103: terminal if it was run from a terminal.
104: If
1.2 deraadt 105: .Nm
1.1 deraadt 106: does not have a terminal associated with it but
1.2 deraadt 107: .Ev DISPLAY
1.8 markus 108: and
109: .Ev SSH_ASKPASS
110: are set, it will execute the program specified by
111: .Ev SSH_ASKPASS
1.11 aaron 112: and open an X11 window to read the passphrase.
113: This is particularly useful when calling
1.2 deraadt 114: .Nm
115: from a
116: .Pa .Xsession
1.11 aaron 117: or related script.
118: (Note that on some machines it
1.2 deraadt 119: may be necessary to redirect the input from
120: .Pa /dev/null
121: to make this work.)
1.16 itojun 122: .El
1.18 aaron 123: .Sh AUTHORS
1.19 markus 124: OpenSSH is a derivative of the original and free
125: ssh 1.2.12 release by Tatu Ylonen.
126: Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
127: Theo de Raadt and Dug Song
128: removed many bugs, re-added newer features and
129: created OpenSSH.
130: Markus Friedl contributed the support for SSH
131: protocol versions 1.5 and 2.0.
1.2 deraadt 132: .Sh SEE ALSO
133: .Xr ssh 1 ,
134: .Xr ssh-agent 1 ,
135: .Xr ssh-keygen 1 ,
1.21 itojun 136: .Xr sshd 8