-.\" $OpenBSD: ssh-agent.1,v 1.41 2004/07/11 17:48:47 deraadt Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.46 2007/09/09 11:38:01 sobrado Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 25, 1999
+.Dd $Mdocdate$
.Dt SSH-AGENT 1
.Os
.Sh NAME
.Nd authentication agent
.Sh SYNOPSIS
.Nm ssh-agent
-.Op Fl a Ar bind_address
.Op Fl c Li | Fl s
-.Op Fl t Ar life
.Op Fl d
-.Op Ar command Op Ar args ...
+.Op Fl a Ar bind_address
+.Op Fl t Ar life
+.Op Ar command Op Ar arg ...
.Nm ssh-agent
.Op Fl c Li | Fl s
.Fl k
Bind the agent to the unix-domain socket
.Ar bind_address .
The default is
-.Pa /tmp/ssh-XXXXXXXX/agent.<ppid> .
+.Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt .
.It Fl c
Generate C-shell commands on
.Dv stdout .
This is the default if
.Ev SHELL
looks like it's a csh style of shell.
+.It Fl d
+Debug mode.
+When this option is specified
+.Nm
+will not fork.
+.It Fl k
+Kill the current agent (given by the
+.Ev SSH_AGENT_PID
+environment variable).
.It Fl s
Generate Bourne shell commands on
.Dv stdout .
This is the default if
.Ev SHELL
does not look like it's a csh style of shell.
-.It Fl k
-Kill the current agent (given by the
-.Ev SSH_AGENT_PID
-environment variable).
.It Fl t Ar life
Set a default value for the maximum lifetime of identities added to the agent.
The lifetime may be specified in seconds or in a time format specified in
-.Xr sshd 8 .
+.Xr sshd_config 5 .
A lifetime specified for an identity with
.Xr ssh-add 1
overrides this value.
Without this option the default maximum lifetime is forever.
-.It Fl d
-Debug mode.
-When this option is specified
-.Nm
-will not fork.
.El
.Pp
If a commandline is given, this is executed as a subprocess of the agent.
When executed without arguments,
.Xr ssh-add 1
adds the files
-.Pa $HOME/.ssh/id_rsa ,
-.Pa $HOME/.ssh/id_dsa
+.Pa ~/.ssh/id_rsa ,
+.Pa ~/.ssh/id_dsa
and
-.Pa $HOME/.ssh/identity .
+.Pa ~/.ssh/identity .
If the identity has a passphrase,
.Xr ssh-add 1
asks for the passphrase (using a small X11 application if running
line terminates.
.Sh FILES
.Bl -tag -width Ds
-.It Pa $HOME/.ssh/identity
+.It Pa ~/.ssh/identity
Contains the protocol version 1 RSA authentication identity of the user.
-.It Pa $HOME/.ssh/id_dsa
+.It Pa ~/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of the user.
-.It Pa $HOME/.ssh/id_rsa
+.It Pa ~/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of the user.
-.It Pa /tmp/ssh-XXXXXXXX/agent.<ppid>
+.It Pa /tmp/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
Unix-domain sockets used to contain the connection to the
authentication agent.
These sockets should only be readable by the owner.