1.\" $OpenBSD: ssh-add.1,v 1.30 2002/02/04 20:41:16 stevesk Exp $ 2.\" 3.\" -*- nroff -*- 4.\" 5.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 6.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 7.\" All rights reserved 8.\" 9.\" As far as I am concerned, the code I have written for this software 10.\" can be used freely for any purpose. Any derived versions of this 11.\" software must be clearly marked as such, and if the derived work is 12.\" incompatible with the protocol description in the RFC file, it must be 13.\" called by a name other than "ssh" or "Secure Shell". 14.\" 15.\" 16.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. 17.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. 18.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. 19.\" 20.\" Redistribution and use in source and binary forms, with or without 21.\" modification, are permitted provided that the following conditions 22.\" are met: 23.\" 1. Redistributions of source code must retain the above copyright 24.\" notice, this list of conditions and the following disclaimer. 25.\" 2. Redistributions in binary form must reproduce the above copyright 26.\" notice, this list of conditions and the following disclaimer in the 27.\" documentation and/or other materials provided with the distribution. 28.\" 29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 39.\" 40.Dd September 25, 1999 41.Dt SSH-ADD 1 42.Os 43.Sh NAME 44.Nm ssh-add 45.Nd adds RSA or DSA identities to the authentication agent 46.Sh SYNOPSIS 47.Nm ssh-add 48.Op Fl lLdD 49.Op Ar 50.Nm ssh-add 51.Fl s Ar reader 52.Nm ssh-add 53.Fl e Ar reader 54.Sh DESCRIPTION 55.Nm 56adds RSA or DSA identities to the authentication agent, 57.Xr ssh-agent 1 . 58When run without arguments, it adds the files 59.Pa $HOME/.ssh/id_rsa , 60.Pa $HOME/.ssh/id_dsa 61and 62.Pa $HOME/.ssh/identity . 63Alternative file names can be given on the command line. 64If any file requires a passphrase, 65.Nm 66asks for the passphrase from the user. 67The passphrase is read from the user's tty. 68.Nm 69retries the last passphrase if multiple identity files are given. 70.Pp 71The authentication agent must be running and must be an ancestor of 72the current process for 73.Nm 74to work. 75.Pp 76The options are as follows: 77.Bl -tag -width Ds 78.It Fl l 79Lists fingerprints of all identities currently represented by the agent. 80.It Fl L 81Lists public key parameters of all identities currently represented by the agent. 82.It Fl d 83Instead of adding the identity, removes the identity from the agent. 84.It Fl D 85Deletes all identities from the agent. 86.It Fl s Ar reader 87Add key in smartcard 88.Ar reader . 89.It Fl e Ar reader 90Remove key in smartcard 91.Ar reader . 92.El 93.Sh FILES 94.Bl -tag -width Ds 95.It Pa $HOME/.ssh/identity 96Contains the protocol version 1 RSA authentication identity of the user. 97.It Pa $HOME/.ssh/id_dsa 98Contains the protocol version 2 DSA authentication identity of the user. 99.It Pa $HOME/.ssh/id_rsa 100Contains the protocol version 2 RSA authentication identity of the user. 101.El 102.Pp 103Identity files should not be readable by anyone but the user. 104Note that 105.Nm 106ignores identity files if they are accessible by others. 107.Sh ENVIRONMENT 108.Bl -tag -width Ds 109.It Ev "DISPLAY" and "SSH_ASKPASS" 110If 111.Nm 112needs a passphrase, it will read the passphrase from the current 113terminal if it was run from a terminal. 114If 115.Nm 116does not have a terminal associated with it but 117.Ev DISPLAY 118and 119.Ev SSH_ASKPASS 120are set, it will execute the program specified by 121.Ev SSH_ASKPASS 122and open an X11 window to read the passphrase. 123This is particularly useful when calling 124.Nm 125from a 126.Pa .Xsession 127or related script. 128(Note that on some machines it 129may be necessary to redirect the input from 130.Pa /dev/null 131to make this work.) 132.El 133.Sh DIAGNOSTICS 134Exit status is 0 on success, 1 if the specified command fails, 135and 2 if 136.Nm 137is unable to contact the authentication agent. 138.Sh AUTHORS 139OpenSSH is a derivative of the original and free 140ssh 1.2.12 release by Tatu Ylonen. 141Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, 142Theo de Raadt and Dug Song 143removed many bugs, re-added newer features and 144created OpenSSH. 145Markus Friedl contributed the support for SSH 146protocol versions 1.5 and 2.0. 147.Sh SEE ALSO 148.Xr ssh 1 , 149.Xr ssh-agent 1 , 150.Xr ssh-keygen 1 , 151.Xr sshd 8 152