xref: /freebsd/crypto/openssh/ssh-add.1 (revision daf1cffce2e07931f27c6c6998652e90df6ba87e) 
1.\"  -*- nroff -*-
2.\"
3.\" ssh-add.1
4.\"
5.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6.\"
7.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8.\"                    All rights reserved
9.\"
10.\" Created: Sat Apr 22 23:55:14 1995 ylo
11.\"
12.\" $Id: ssh-add.1,v 1.10 2000/01/22 02:17:50 aaron Exp $
13.\"
14.Dd September 25, 1999
15.Dt SSH-ADD 1
16.Os
17.Sh NAME
18.Nm ssh-add
19.Nd adds identities for the authentication agent
20.Sh SYNOPSIS
21.Nm ssh-add
22.Op Fl lLdD
23.Op Ar
24.Sh DESCRIPTION
25.Nm
26adds identities to the authentication agent,
27.Xr ssh-agent 1 .
28When run without arguments, it adds the file
29.Pa $HOME/.ssh/identity .
30Alternative file names can be given on the
31command line.  If any file requires a passphrase,
32.Nm
33asks for the passphrase from the user.
34The Passphrase it is read from the user's tty.
35.Pp
36The authentication agent must be running and must be an ancestor of
37the current process for
38.Nm
39to work.
40.Pp
41The options are as follows:
42.Bl -tag -width Ds
43.It Fl l
44Lists fingerprints of all identities currently represented by the agent.
45.It Fl L
46Lists public key parameters of all identities currently represented by the agent.
47.It Fl d
48Instead of adding the identity, removes the identity from the agent.
49.It Fl D
50Deletes all identities from the agent.
51.El
52.Sh FILES
53.Bl -tag -width Ds
54.It Pa $HOME/.ssh/identity
55Contains the RSA authentication identity of the user.  This file
56should not be readable by anyone but the user.
57Note that
58.Nm
59ignores this file if it is accessible by others.
60It is possible to
61specify a passphrase when generating the key; that passphrase will be
62used to encrypt the private part of this file.  This is the
63default file added by
64.Nm
65when no other files have been specified.
66.Pp
67.Sh ENVIRONMENT
68.Bl -tag -width Ds
69.It Ev "DISPLAY" and "SSH_ASKPASS"
70If
71.Nm
72needs a passphrase, it will read the passphrase from the current
73terminal if it was run from a terminal.  If
74.Nm
75does not have a terminal associated with it but
76.Ev DISPLAY
77and
78.Ev SSH_ASKPASS
79are set, it will execute the program specified by
80.Ev SSH_ASKPASS
81and open an X11 window to read the passphrase.  This is particularly
82useful when calling
83.Nm
84from a
85.Pa .Xsession
86or related script.  (Note that on some machines it
87may be necessary to redirect the input from
88.Pa /dev/null
89to make this work.)
90.Sh AUTHOR
91Tatu Ylonen <ylo@cs.hut.fi>
92.Pp
93OpenSSH
94is a derivative of the original (free) ssh 1.2.12 release, but with bugs
95removed and newer features re-added.   Rapidly after the 1.2.12 release,
96newer versions bore successively more restrictive licenses.  This version
97of OpenSSH
98.Bl -bullet
99.It
100has all components of a restrictive nature (i.e., patents, see
101.Xr ssl 8 )
102directly removed from the source code; any licensed or patented components
103are chosen from
104external libraries.
105.It
106has been updated to support ssh protocol 1.5.
107.It
108contains added support for
109.Xr kerberos 8
110authentication and ticket passing.
111.It
112supports one-time password authentication with
113.Xr skey 1 .
114.El
115.Pp
116The libraries described in
117.Xr ssl 8
118are required for proper operation.
119.Sh SEE ALSO
120.Xr ssh 1 ,
121.Xr ssh-agent 1 ,
122.Xr ssh-keygen 1 ,
123.Xr sshd 8 ,
124.Xr ssl 8
125