X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/d44870087da70034f43297ca70c9bf10200edec7..b9f2f027ae329c0212409a6fd7af52845e823f04:/openssh/ssh-add.1 diff --git a/openssh/ssh-add.1 b/openssh/ssh-add.1 index 005041b..b842080 100644 --- a/openssh/ssh-add.1 +++ b/openssh/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.46 2007/06/12 13:41:03 jmc Exp $ +.\" $OpenBSD: ssh-add.1,v 1.27 2001/08/23 18:08:59 stevesk Exp $ .\" .\" -*- nroff -*- .\" @@ -37,7 +37,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 12 2007 $ +.Dd September 25, 1999 .Dt SSH-ADD 1 .Os .Sh NAME @@ -45,8 +45,7 @@ .Nd adds RSA or DSA identities to the authentication agent .Sh SYNOPSIS .Nm ssh-add -.Op Fl cDdLlXx -.Op Fl t Ar life +.Op Fl lLdD .Op Ar .Nm ssh-add .Fl s Ar reader @@ -56,11 +55,8 @@ .Nm adds RSA or DSA identities to the authentication agent, .Xr ssh-agent 1 . -When run without arguments, it adds the files -.Pa ~/.ssh/id_rsa , -.Pa ~/.ssh/id_dsa -and -.Pa ~/.ssh/identity . +When run without arguments, it adds the file +.Pa $HOME/.ssh/identity . Alternative file names can be given on the command line. If any file requires a passphrase, .Nm 
@@ -69,58 +65,46 @@ The passphrase is read from the user's tty. .Nm retries the last passphrase if multiple identity files are given. .Pp -The authentication agent must be running and the -.Ev SSH_AUTH_SOCK -environment variable must contain the name of its socket for +The authentication agent must be running and must be an ancestor of +the current process for .Nm to work. .Pp The options are as follows: .Bl -tag -width Ds -.It Fl c -Indicates that added identities should be subject to confirmation before -being used for authentication. -Confirmation is performed by the -.Ev SSH_ASKPASS -program mentioned below. -Successful confirmation is signaled by a zero exit status from the -.Ev SSH_ASKPASS -program, rather than text entered into the requester. -.It Fl D -Deletes all identities from the agent. -.It Fl d -Instead of adding identities, removes identities from the agent. -If -.Nm -has been run without arguments, the keys for the default identities will -be removed. -Otherwise, the argument list will be interpreted as a list of paths to -public key files and matching keys will be removed from the agent. -If no public key is found at a given path, -.Nm -will append -.Pa .pub -and retry. -.It Fl e Ar reader -Remove key in smartcard -.Ar reader . -.It Fl L -Lists public key parameters of all identities currently represented -by the agent. .It Fl l Lists fingerprints of all identities currently represented by the agent. +.It Fl L +Lists public key parameters of all identities currently represented by the agent. +.It Fl d +Instead of adding the identity, removes the identity from the agent. +.It Fl D +Deletes all identities from the agent. .It Fl s Ar reader Add key in smartcard .Ar reader . -.It Fl t Ar life -Set a maximum lifetime when adding identities to an agent. -The lifetime may be specified in seconds or in a time format -specified in -.Xr sshd_config 5 . -.It Fl X -Unlock the agent. -.It Fl x -Lock the agent with a password. 
+.It Fl e Ar reader +Remove key in smartcard +.Ar reader . +.El +.Sh FILES +.Bl -tag -width Ds +.It Pa $HOME/.ssh/identity +Contains the protocol version 1 RSA authentication identity of the user. +This file should not be readable by anyone but the user. +Note that +.Nm +ignores this file if it is accessible by others. +It is possible to +specify a passphrase when generating the key; that passphrase will be +used to encrypt the private part of this file. +This is the default file added by +.Nm +when no other files have been specified. +.It Pa $HOME/.ssh/id_dsa +Contains the protocol version 2 DSA authentication identity of the user. +.It Pa $HOME/.ssh/id_rsa +Contains the protocol version 2 RSA authentication identity of the user. .El .Sh ENVIRONMENT .Bl -tag -width Ds @@ -141,40 +125,13 @@ and open an X11 window to read the passphrase. This is particularly useful when calling .Nm from a -.Pa .xsession +.Pa .Xsession or related script. (Note that on some machines it may be necessary to redirect the input from .Pa /dev/null to make this work.) -.It Ev SSH_AUTH_SOCK -Identifies the path of a unix-domain socket used to communicate with the -agent. -.El -.Sh FILES -.Bl -tag -width Ds -.It Pa ~/.ssh/identity -Contains the protocol version 1 RSA authentication identity of the user. -.It Pa ~/.ssh/id_dsa -Contains the protocol version 2 DSA authentication identity of the user. -.It Pa ~/.ssh/id_rsa -Contains the protocol version 2 RSA authentication identity of the user. .El -.Pp -Identity files should not be readable by anyone but the user. -Note that -.Nm -ignores identity files if they are accessible by others. -.Sh DIAGNOSTICS -Exit status is 0 on success, 1 if the specified command fails, -and 2 if -.Nm -is unable to contact the authentication agent. -.Sh SEE ALSO -.Xr ssh 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr sshd 8 .Sh AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. 
@@ -184,3 +141,8 @@ removed many bugs, re-added newer features and created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. +.Sh SEE ALSO +.Xr ssh 1 , +.Xr ssh-agent 1 , +.Xr ssh-keygen 1 , +.Xr sshd 8
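
Review bot: In the @@ -1,4 +1,4 @@ hunk the $OpenBSD$ ident goes from "ssh-add.1,v 1.46 2007/06/12" to "ssh-add.1,v 1.27 2001/08/23", so the new side of this diff is the older revision of the page (the .Dd line in the next hunk likewise goes back to "September 25, 1999"). If this is an intentional revert or a comparison against an old branch, say so in the change description; otherwise the two blob ids are probably in the wrong order and every removal below is really an addition.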
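
Review bot: The SYNOPSIS in the @@ -45,8 +45,7 @@ hunk drops -c, -X, -x and "-t life", leaving only ".Op Fl lLdD". According to the descriptions removed in the @@ -69,58 +65,46 @@ hunk, these are the options for per-use confirmation, locking the agent with a password, and a maximum key lifetime. Confirm that the ssh-add built from this tree does not accept them; if it does, keep the synopsis line and the matching .It entries so the options stay documented.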
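
Review bot: The default-files sentence in the @@ -56,11 +55,8 @@ hunk now names only $HOME/.ssh/identity, while the FILES list added later in the patch still documents $HOME/.ssh/id_dsa and $HOME/.ssh/id_rsa. Check which files the code in this tree tries when ssh-add is run without arguments and make the DESCRIPTION agree with it, since a user holding only a protocol version 2 key gets no hint from this text about whether that key is picked up.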
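
Review bot: The replacement sentence in the @@ -69,58 +65,46 @@ hunk, "must be running and must be an ancestor of the current process", removes the only statement of how ssh-add finds the agent (the socket named in SSH_AUTH_SOCK), and the @@ -141,40 +125,13 @@ hunk also deletes the SSH_AUTH_SOCK entry from ENVIRONMENT, so the variable is no longer mentioned anywhere on the page. Keep the SSH_AUTH_SOCK wording unless this build does not use the variable. The shortened -d entry in the same hunk also loses the note that ssh-add appends .pub and retries when no public key is found at the given path.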
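
Review bot: The @@ -141,40 +125,13 @@ hunk deletes the paragraph stating that identity files should not be readable by anyone but the user and that ssh-add ignores them if they are accessible by others; in the FILES list added by the @@ -69,58 +65,46 @@ hunk that warning appears only under $HOME/.ssh/identity, leaving id_dsa and id_rsa without it. Repeat the permission note for all three files or restore the general paragraph. The same hunk removes the DIAGNOSTICS section, which is the only place the page documents the 0, 1 and 2 exit statuses; keep it if the exit codes are unchanged.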
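
Review bot: The @@ -184,3 +141,8 @@ hunk re-adds SEE ALSO after AUTHORS, and the @@ -69,58 +65,46 @@ hunk places FILES ahead of ENVIRONMENT. The conventional mdoc section order is ENVIRONMENT, FILES, DIAGNOSTICS, SEE ALSO, AUTHORS; keep that order so the page reads the same as the other manuals in the tree.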