.Os
.Sh NAME
.Nm ssh-add
-.Nd adds identities for the authentication agent
+.Nd adds RSA identities for the authentication agent
.Sh SYNOPSIS
.Nm ssh-add
.Op Fl lLdD
.Op Ar
-.Sh DESCRIPTION
+.Sh DESCRIPTION
.Nm
-adds identities to the authentication agent,
+adds RSA identities to the authentication agent,
.Xr ssh-agent 1 .
When run without arguments, it adds the file
.Pa $HOME/.ssh/identity .
-Alternative file names can be given on the
-command line. If any file requires a passphrase,
+Alternative file names can be given on the command line.
+If any file requires a passphrase,
.Nm
-asks for the passphrase from the user.
-The Passphrase it is read from the user's tty.
+asks for the passphrase from the user.
+The Passphrase it is read from the user's tty.
.Pp
The authentication agent must be running and must be an ancestor of
the current process for
.El
.Sh FILES
.Bl -tag -width Ds
-.Pa $HOME/.ssh/identity
-Contains the RSA authentication identity of the user. This file
-should not be readable by anyone but the user.
+.It Pa $HOME/.ssh/identity
+Contains the RSA authentication identity of the user.
+This file should not be readable by anyone but the user.
Note that
.Nm
ignores this file if it is accessible by others.
It is possible to
specify a passphrase when generating the key; that passphrase will be
-used to encrypt the private part of this file. This is the
-default file added by
+used to encrypt the private part of this file.
+This is the default file added by
.Nm
when no other files have been specified.
.Pp
+.Sh ENVIRONMENT
+.Bl -tag -width Ds
+.It Ev "DISPLAY" and "SSH_ASKPASS"
If
.Nm
needs a passphrase, it will read the passphrase from the current
-terminal if it was run from a terminal. If
+terminal if it was run from a terminal.
+If
.Nm
does not have a terminal associated with it but
.Ev DISPLAY
.Ev SSH_ASKPASS
are set, it will execute the program specified by
.Ev SSH_ASKPASS
-and open an X11 window to read the passphrase. This is particularly
-useful when calling
+and open an X11 window to read the passphrase.
+This is particularly useful when calling
.Nm
from a
.Pa .Xsession
-or related script. (Note that on some machines it
+or related script.
+(Note that on some machines it
may be necessary to redirect the input from
.Pa /dev/null
to make this work.)
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
-removed and newer features re-added. Rapidly after the 1.2.12 release,
-newer versions bore successively more restrictive licenses. This version
-of OpenSSH
+removed and newer features re-added.
+Rapidly after the 1.2.12 release,
+newer versions bore successively more restrictive licenses.
+This version of OpenSSH
.Bl -bullet
.It
-has all components of a restrictive nature (ie. patents, see
-.Xr ssl 8 )
+has all components of a restrictive nature (i.e., patents)
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
-contains added support for
+contains added support for
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
-.Pp
-The libraries described in
-.Xr ssl 8
-are required for proper operation.
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
.Xr sshd 8 ,
-.Xr ssl 8