| version 1.54, 2013/12/07 11:58:46 |
version 1.55, 2014/04/16 23:28:12 |
|
|
| .Nm |
.Nm |
| is a program to hold private keys used for public key authentication |
is a program to hold private keys used for public key authentication |
| (RSA, DSA, ECDSA, ED25519). |
(RSA, DSA, ECDSA, ED25519). |
| The idea is that |
|
| .Nm |
.Nm |
| is started in the beginning of an X-session or a login session, and |
is usually started in the beginning of an X-session or a login session, and |
| all other windows or programs are started as clients to the ssh-agent |
all other windows or programs are started as clients to the ssh-agent |
| program. |
program. |
| Through use of environment variables the agent can be located |
Through use of environment variables the agent can be located |
|
|
| machines using |
machines using |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| .Pp |
.Pp |
| |
The agent initially does not have any private keys. |
| |
Keys are added using |
| |
.Xr ssh-add 1 . |
| |
Multiple identities may be stored in |
| |
.Nm |
| |
concurrently and |
| |
.Xr ssh 1 |
| |
will automatically use them if present. |
| |
.Xr ssh-add 1 |
| |
is also used to remove keys from |
| |
.Nm |
| |
and to query the keys that are held in one. |
| |
.Pp |
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl a Ar bind_address |
.It Fl a Ar bind_address |
|
|
| If a commandline is given, this is executed as a subprocess of the agent. |
If a commandline is given, this is executed as a subprocess of the agent. |
| When the command dies, so does the agent. |
When the command dies, so does the agent. |
| .Pp |
.Pp |
| The agent initially does not have any private keys. |
|
| Keys are added using |
|
| .Xr ssh-add 1 . |
|
| When executed without arguments, |
|
| .Xr ssh-add 1 |
|
| adds the files |
|
| .Pa ~/.ssh/id_rsa , |
|
| .Pa ~/.ssh/id_dsa , |
|
| .Pa ~/.ssh/id_ecdsa , |
|
| .Pa ~/.ssh/id_ed25519 |
|
| and |
|
| .Pa ~/.ssh/identity . |
|
| If the identity has a passphrase, |
|
| .Xr ssh-add 1 |
|
| asks for the passphrase on the terminal if it has one or from a small X11 |
|
| program if running under X11. |
|
| If neither of these is the case then the authentication will fail. |
|
| It then sends the identity to the agent. |
|
| Several identities can be stored in the |
|
| agent; the agent can automatically use any of these identities. |
|
| .Ic ssh-add -l |
|
| displays the identities currently held by the agent. |
|
| .Pp |
|
| The idea is that the agent is run in the user's local PC, laptop, or |
The idea is that the agent is run in the user's local PC, laptop, or |
| terminal. |
terminal. |
| Authentication data need not be stored on any other |
Authentication data need not be stored on any other |
|
|
| line terminates. |
line terminates. |
| .Sh FILES |
.Sh FILES |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Pa ~/.ssh/identity |
|
| Contains the protocol version 1 RSA authentication identity of the user. |
|
| .It Pa ~/.ssh/id_dsa |
|
| Contains the protocol version 2 DSA authentication identity of the user. |
|
| .It Pa ~/.ssh/id_ecdsa |
|
| Contains the protocol version 2 ECDSA authentication identity of the user. |
|
| .It Pa ~/.ssh/id_ed25519 |
|
| Contains the protocol version 2 ED25519 authentication identity of the user. |
|
| .It Pa ~/.ssh/id_rsa |
|
| Contains the protocol version 2 RSA authentication identity of the user. |
|
| .It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt |
.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt |
| .Ux Ns -domain |
.Ux Ns -domain |
| sockets used to contain the connection to the authentication agent. |
sockets used to contain the connection to the authentication agent. |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-agent.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh