-.\" $OpenBSD: ssh-agent.1,v 1.48 2009/10/22 12:35:53 sobrado Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.50 2010/01/17 21:49:09 tedu Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.Bl -tag -width Ds
.It Fl a Ar bind_address
Bind the agent to the
-.Ux
-domain socket
+.Ux Ns -domain
+socket
.Ar bind_address .
The default is
.Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt .
.Pa ~/.ssh/identity .
If the identity has a passphrase,
.Xr ssh-add 1
-asks for the passphrase (using a small X11 application if running
-under X11, or from the terminal if running without X).
+asks for the passphrase on the terminal if it has one or from a small X11
+program if running under X11.
+If neither of these is the case then the authentication will fail.
It then sends the identity to the agent.
Several identities can be stored in the
agent; the agent can automatically use any of these identities.
This way, private keys are not exposed to clients using the agent.
.Pp
A
-.Ux
-domain socket is created and the name of this socket is stored in the
+.Ux Ns -domain
+socket is created and the name of this socket is stored in the
.Ev SSH_AUTH_SOCK
environment
variable.
.It Pa ~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of the user.
.It Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
-.Ux
-domain sockets used to contain the connection to the
-authentication agent.
+.Ux Ns -domain
+sockets used to contain the connection to the authentication agent.
These sockets should only be readable by the owner.
The sockets should get automatically removed when the agent exits.
.El
andersk / openssh.git / blobdiff