[openssh.git] / ssh-add.1

.\"  -*- nroff -*-
.\"
.\" ssh-add.1
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\"
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" Created: Sat Apr 22 23:55:14 1995 ylo
.\"
.\" $Id$
.\"
.Dd September 25, 1999
.Dt SSH-ADD 1
.Os
.Sh NAME
.Nm ssh-add
.Nd adds identities for the authentication agent
.Sh SYNOPSIS
.Nm ssh-add
.Op Fl lLdD
.Op Ar
.Sh DESCRIPTION 
.Nm
adds identities to the authentication agent,
.Xr ssh-agent 1 .
When run without arguments, it adds the file
.Pa $HOME/.ssh/identity .
Alternative file names can be given on the
command line.  If any file requires a passphrase,
.Nm
asks for the passphrase from the user. 
The Passphrase it is read from the user's tty.  
.Pp
The authentication agent must be running and must be an ancestor of
the current process for
.Nm
to work.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl l
Lists fingerprints of all identities currently represented by the agent.
.It Fl L
Lists public key parameters of all identities currently represented by the agent.
.It Fl d
Instead of adding the identity, removes the identity from the agent.
.It Fl D
Deletes all identities from the agent.
.El
.Sh FILES
.Bl -tag -width Ds
.Pa $HOME/.ssh/identity
Contains the RSA authentication identity of the user.  This file
should not be readable by anyone but the user.
Note that
.Nm
ignores this file if it is accessible by others.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file.  This is the
default file added by
.Nm
when no other files have been specified.
.Pp
If
.Nm
needs a passphrase, it will read the passphrase from the current
terminal if it was run from a terminal.  If
.Nm
does not have a terminal associated with it but
.Ev DISPLAY
and
.Ev SSH_ASKPASS
are set, it will execute the program specified by
.Ev SSH_ASKPASS
and open an X11 window to read the passphrase.  This is particularly
useful when calling
.Nm
from a
.Pa .Xsession
or related script.  (Note that on some machines it
may be necessary to redirect the input from
.Pa /dev/null
to make this work.)
.Sh AUTHOR
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
removed and newer features re-added.   Rapidly after the 1.2.12 release,
newer versions bore successively more restrictive licenses.  This version
of OpenSSH
.Bl -bullet
.It
has all components of a restrictive nature (ie. patents, see
.Xr ssl 8 )
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
contains added support for 
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
.Pp
The libraries described in
.Xr ssl 8
are required for proper operation.
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
.Xr sshd 8 ,
.Xr ssl 8
Commit	Line	Data
bf740959	1	.\" -- nroff --
	2	.\"
	3	.\" ssh-add.1
	4	.\"
	5	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	.\"
	7	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	.\" All rights reserved
	9	.\"
	10	.\" Created: Sat Apr 22 23:55:14 1995 ylo
	11	.\"
	12	.\" $Id$
	13	.\"
	14	.Dd September 25, 1999
	15	.Dt SSH-ADD 1
	16	.Os
	17	.Sh NAME
	18	.Nm ssh-add
	19	.Nd adds identities for the authentication agent
	20	.Sh SYNOPSIS
	21	.Nm ssh-add
f095fcc7	22	.Op Fl lLdD
bf740959	23	.Op Ar
	24	.Sh DESCRIPTION
	25	.Nm
	26	adds identities to the authentication agent,
	27	.Xr ssh-agent 1 .
	28	When run without arguments, it adds the file
	29	.Pa $HOME/.ssh/identity .
	30	Alternative file names can be given on the
	31	command line. If any file requires a passphrase,
	32	.Nm
	33	asks for the passphrase from the user.
	34	The Passphrase it is read from the user's tty.
	35	.Pp
	36	The authentication agent must be running and must be an ancestor of
	37	the current process for
	38	.Nm
	39	to work.
	40	.Pp
	41	The options are as follows:
	42	.Bl -tag -width Ds
	43	.It Fl l
f095fcc7	44	Lists fingerprints of all identities currently represented by the agent.
	45	.It Fl L
	46	Lists public key parameters of all identities currently represented by the agent.
bf740959	47	.It Fl d
	48	Instead of adding the identity, removes the identity from the agent.
	49	.It Fl D
	50	Deletes all identities from the agent.
	51	.El
	52	.Sh FILES
	53	.Bl -tag -width Ds
	54	.Pa $HOME/.ssh/identity
	55	Contains the RSA authentication identity of the user. This file
	56	should not be readable by anyone but the user.
	57	Note that
	58	.Nm
	59	ignores this file if it is accessible by others.
	60	It is possible to
	61	specify a passphrase when generating the key; that passphrase will be
	62	used to encrypt the private part of this file. This is the
	63	default file added by
	64	.Nm
	65	when no other files have been specified.
	66	.Pp
	67	If
	68	.Nm
	69	needs a passphrase, it will read the passphrase from the current
	70	terminal if it was run from a terminal. If
	71	.Nm
	72	does not have a terminal associated with it but
	73	.Ev DISPLAY
aa3378df	74	and
	75	.Ev SSH_ASKPASS
	76	are set, it will execute the program specified by
	77	.Ev SSH_ASKPASS
	78	and open an X11 window to read the passphrase. This is particularly
bf740959	79	useful when calling
	80	.Nm
	81	from a
	82	.Pa .Xsession
	83	or related script. (Note that on some machines it
	84	may be necessary to redirect the input from
	85	.Pa /dev/null
	86	to make this work.)
	87	.Sh AUTHOR
	88	Tatu Ylonen <ylo@cs.hut.fi>
	89	.Pp
	90	OpenSSH
	91	is a derivative of the original (free) ssh 1.2.12 release, but with bugs
	92	removed and newer features re-added. Rapidly after the 1.2.12 release,
	93	newer versions bore successively more restrictive licenses. This version
	94	of OpenSSH
	95	.Bl -bullet
	96	.It
	97	has all components of a restrictive nature (ie. patents, see
	98	.Xr ssl 8 )
	99	directly removed from the source code; any licensed or patented components
	100	are chosen from
	101	external libraries.
	102	.It
	103	has been updated to support ssh protocol 1.5.
	104	.It
	105	contains added support for
	106	.Xr kerberos 8
	107	authentication and ticket passing.
	108	.It
	109	supports one-time password authentication with
	110	.Xr skey 1 .
	111	.El
	112	.Pp
	113	The libraries described in
	114	.Xr ssl 8
	115	are required for proper operation.
	116	.Sh SEE ALSO
	117	.Xr ssh 1 ,
	118	.Xr ssh-agent 1 ,
	119	.Xr ssh-keygen 1 ,
	120	.Xr sshd 8 ,
	121	.Xr ssl 8