xref: /freebsd/crypto/openssh/ssh-add.1 (revision 23f282aa31e9b6fceacd449020e936e98d6f2298) 
1.\"  -*- nroff -*-
2.\"
3.\" ssh-add.1
4.\"
5.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6.\"
7.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8.\"                    All rights reserved
9.\"
10.\" Created: Sat Apr 22 23:55:14 1995 ylo
11.\"
12.\" $Id: ssh-add.1,v 1.11 2000/03/23 21:11:38 aaron Exp $
13.\"
14.Dd September 25, 1999
15.Dt SSH-ADD 1
16.Os
17.Sh NAME
18.Nm ssh-add
19.Nd adds identities for the authentication agent
20.Sh SYNOPSIS
21.Nm ssh-add
22.Op Fl lLdD
23.Op Ar
24.Sh DESCRIPTION
25.Nm
26adds identities to the authentication agent,
27.Xr ssh-agent 1 .
28When run without arguments, it adds the file
29.Pa $HOME/.ssh/identity .
30Alternative file names can be given on the command line.
31If any file requires a passphrase,
32.Nm
33asks for the passphrase from the user.
34The Passphrase it is read from the user's tty.
35.Pp
36The authentication agent must be running and must be an ancestor of
37the current process for
38.Nm
39to work.
40.Pp
41The options are as follows:
42.Bl -tag -width Ds
43.It Fl l
44Lists fingerprints of all identities currently represented by the agent.
45.It Fl L
46Lists public key parameters of all identities currently represented by the agent.
47.It Fl d
48Instead of adding the identity, removes the identity from the agent.
49.It Fl D
50Deletes all identities from the agent.
51.El
52.Sh FILES
53.Bl -tag -width Ds
54.It Pa $HOME/.ssh/identity
55Contains the RSA authentication identity of the user.
56This file should not be readable by anyone but the user.
57Note that
58.Nm
59ignores this file if it is accessible by others.
60It is possible to
61specify a passphrase when generating the key; that passphrase will be
62used to encrypt the private part of this file.
63This is the default file added by
64.Nm
65when no other files have been specified.
66.Pp
67.Sh ENVIRONMENT
68.Bl -tag -width Ds
69.It Ev "DISPLAY" and "SSH_ASKPASS"
70If
71.Nm
72needs a passphrase, it will read the passphrase from the current
73terminal if it was run from a terminal.
74If
75.Nm
76does not have a terminal associated with it but
77.Ev DISPLAY
78and
79.Ev SSH_ASKPASS
80are set, it will execute the program specified by
81.Ev SSH_ASKPASS
82and open an X11 window to read the passphrase.
83This is particularly useful when calling
84.Nm
85from a
86.Pa .Xsession
87or related script.
88(Note that on some machines it
89may be necessary to redirect the input from
90.Pa /dev/null
91to make this work.)
92.Sh AUTHOR
93Tatu Ylonen <ylo@cs.hut.fi>
94.Pp
95OpenSSH
96is a derivative of the original (free) ssh 1.2.12 release, but with bugs
97removed and newer features re-added.
98Rapidly after the 1.2.12 release,
99newer versions bore successively more restrictive licenses.
100This version of OpenSSH
101.Bl -bullet
102.It
103has all components of a restrictive nature (i.e., patents, see
104.Xr ssl 8 )
105directly removed from the source code; any licensed or patented components
106are chosen from
107external libraries.
108.It
109has been updated to support ssh protocol 1.5.
110.It
111contains added support for
112.Xr kerberos 8
113authentication and ticket passing.
114.It
115supports one-time password authentication with
116.Xr skey 1 .
117.El
118.Pp
119The libraries described in
120.Xr ssl 8
121are required for proper operation.
122.Sh SEE ALSO
123.Xr ssh 1 ,
124.Xr ssh-agent 1 ,
125.Xr ssh-keygen 1 ,
126.Xr sshd 8 ,
127.Xr ssl 8
128