version 1.12, 2000/05/03 18:04:39 |
version 1.12.2.3, 2001/03/12 15:44:15 |
|
|
.\" $OpenBSD$ |
.\" $OpenBSD$ |
.\" |
.\" |
.\" -*- nroff -*- |
|
.\" |
|
.\" ssh-agent.1 |
|
.\" |
|
.\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
.\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
.\" |
|
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
.\" All rights reserved |
.\" All rights reserved |
.\" |
.\" |
.\" Created: Sat Apr 23 20:10:43 1995 ylo |
.\" As far as I am concerned, the code I have written for this software |
|
.\" can be used freely for any purpose. Any derived versions of this |
|
.\" software must be clearly marked as such, and if the derived work is |
|
.\" incompatible with the protocol description in the RFC file, it must be |
|
.\" called by a name other than "ssh" or "Secure Shell". |
.\" |
.\" |
|
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. |
|
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. |
|
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. |
|
.\" |
|
.\" Redistribution and use in source and binary forms, with or without |
|
.\" modification, are permitted provided that the following conditions |
|
.\" are met: |
|
.\" 1. Redistributions of source code must retain the above copyright |
|
.\" notice, this list of conditions and the following disclaimer. |
|
.\" 2. Redistributions in binary form must reproduce the above copyright |
|
.\" notice, this list of conditions and the following disclaimer in the |
|
.\" documentation and/or other materials provided with the distribution. |
|
.\" |
|
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
|
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
|
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
|
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
.\" |
.Dd September 25, 1999 |
.Dd September 25, 1999 |
.Dt SSH-AGENT 1 |
.Dt SSH-AGENT 1 |
.Os |
.Os |
|
|
.Nd authentication agent |
.Nd authentication agent |
.Sh SYNOPSIS |
.Sh SYNOPSIS |
.Nm ssh-agent |
.Nm ssh-agent |
.Op Fl c Li | Fl s |
|
.Op Fl k |
|
.Oo |
|
.Ar command |
.Ar command |
.Op Ar args ... |
.Ar args ... |
.Oc |
.Nm ssh-agent |
|
.Op Fl c Li | Fl s |
|
.Nm ssh-agent |
|
.Fl k |
.Sh DESCRIPTION |
.Sh DESCRIPTION |
.Nm |
.Nm |
is a program to hold private keys used for RSA authentication. |
is a program to hold private keys used for public key authentication |
|
(RSA, DSA). |
The idea is that |
The idea is that |
.Nm |
.Nm |
is started in the beginning of an X-session or a login session, and |
is started in the beginning of an X-session or a login session, and |
all other windows or programs are started as clients to the ssh-agent |
all other windows or programs are started as clients to the ssh-agent |
program. |
program. |
Through use of environment variables the agent can be located |
Through use of environment variables the agent can be located |
and automatically used for RSA authentication when logging in to other |
and automatically used for authentication when logging in to other |
machines using |
machines using |
.Xr ssh 1 . |
.Xr ssh 1 . |
.Pp |
.Pp |
|
|
but is normally added to the agent using |
but is normally added to the agent using |
.Xr ssh-add 1 |
.Xr ssh-add 1 |
at login time. |
at login time. |
.It Pa /tmp/ssh-XXXX/agent.<pid> , |
.It Pa $HOME/.ssh/id_dsa |
|
Contains the DSA authentication identity of the user. |
|
.It Pa /tmp/ssh-XXXXXXXX/agent.<pid> |
Unix-domain sockets used to contain the connection to the |
Unix-domain sockets used to contain the connection to the |
authentication agent. |
authentication agent. |
These sockets should only be readable by the owner. |
These sockets should only be readable by the owner. |
The sockets should get automatically removed when the agent exits. |
The sockets should get automatically removed when the agent exits. |
.Sh AUTHOR |
|
Tatu Ylonen <ylo@cs.hut.fi> |
|
.Pp |
|
OpenSSH |
|
is a derivative of the original (free) ssh 1.2.12 release, but with bugs |
|
removed and newer features re-added. |
|
Rapidly after the 1.2.12 release, |
|
newer versions bore successively more restrictive licenses. |
|
This version of OpenSSH |
|
.Bl -bullet |
|
.It |
|
has all components of a restrictive nature (i.e., patents, see |
|
.Xr ssl 8 ) |
|
directly removed from the source code; any licensed or patented components |
|
are chosen from |
|
external libraries. |
|
.It |
|
has been updated to support ssh protocol 1.5. |
|
.It |
|
contains added support for |
|
.Xr kerberos 8 |
|
authentication and ticket passing. |
|
.It |
|
supports one-time password authentication with |
|
.Xr skey 1 . |
|
.El |
.El |
.Pp |
.Sh AUTHORS |
The libraries described in |
OpenSSH is a derivative of the original and free |
.Xr ssl 8 |
ssh 1.2.12 release by Tatu Ylonen. |
are required for proper operation. |
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, |
|
Theo de Raadt and Dug Song |
|
removed many bugs, re-added newer features and |
|
created OpenSSH. |
|
Markus Friedl contributed the support for SSH |
|
protocol versions 1.5 and 2.0. |
.Sh SEE ALSO |
.Sh SEE ALSO |
.Xr ssh 1 , |
.Xr ssh 1 , |
.Xr ssh-add 1 , |
.Xr ssh-add 1 , |
.Xr ssh-keygen 1 , |
.Xr ssh-keygen 1 , |
.Xr sshd 8 , |
.Xr sshd 8 |
.Xr ssl 8 |
|