Annotation of src/crypto/external/bsd/openssh/dist/ssh-add.1, Revision 1.1.1.1
1.1 christos 1: .\" $NetBSD$
2: .\" $OpenBSD: ssh-add.1,v 1.46 2007/06/12 13:41:03 jmc Exp $
3: .\"
4: .\" -*- nroff -*-
5: .\"
6: .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
7: .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8: .\" All rights reserved
9: .\"
10: .\" As far as I am concerned, the code I have written for this software
11: .\" can be used freely for any purpose. Any derived versions of this
12: .\" software must be clearly marked as such, and if the derived work is
13: .\" incompatible with the protocol description in the RFC file, it must be
14: .\" called by a name other than "ssh" or "Secure Shell".
15: .\"
16: .\"
17: .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
18: .\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
19: .\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
20: .\"
21: .\" Redistribution and use in source and binary forms, with or without
22: .\" modification, are permitted provided that the following conditions
23: .\" are met:
24: .\" 1. Redistributions of source code must retain the above copyright
25: .\" notice, this list of conditions and the following disclaimer.
26: .\" 2. Redistributions in binary form must reproduce the above copyright
27: .\" notice, this list of conditions and the following disclaimer in the
28: .\" documentation and/or other materials provided with the distribution.
29: .\"
30: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
31: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
32: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
33: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
34: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
38: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
39: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
40: .\"
41: .Dd $Mdocdate: June 12 2007 $
42: .Dt SSH-ADD 1
43: .Os
44: .Sh NAME
45: .Nm ssh-add
46: .Nd adds RSA or DSA identities to the authentication agent
47: .Sh SYNOPSIS
48: .Nm ssh-add
49: .Op Fl cDdLlXx
50: .Op Fl t Ar life
51: .Op Ar
52: .Nm ssh-add
53: .Fl s Ar reader
54: .Nm ssh-add
55: .Fl e Ar reader
56: .Sh DESCRIPTION
57: .Nm
58: adds RSA or DSA identities to the authentication agent,
59: .Xr ssh-agent 1 .
60: When run without arguments, it adds the files
61: .Pa ~/.ssh/id_rsa ,
62: .Pa ~/.ssh/id_dsa
63: and
64: .Pa ~/.ssh/identity .
65: Alternative file names can be given on the command line.
66: If any file requires a passphrase,
67: .Nm
68: asks for the passphrase from the user.
69: The passphrase is read from the user's tty.
70: .Nm
71: retries the last passphrase if multiple identity files are given.
72: .Pp
73: The authentication agent must be running and the
74: .Ev SSH_AUTH_SOCK
75: environment variable must contain the name of its socket for
76: .Nm
77: to work.
78: .Pp
79: The options are as follows:
80: .Bl -tag -width Ds
81: .It Fl c
82: Indicates that added identities should be subject to confirmation before
83: being used for authentication.
84: Confirmation is performed by the
85: .Ev SSH_ASKPASS
86: program mentioned below.
87: Successful confirmation is signaled by a zero exit status from the
88: .Ev SSH_ASKPASS
89: program, rather than text entered into the requester.
90: .It Fl D
91: Deletes all identities from the agent.
92: .It Fl d
93: Instead of adding identities, removes identities from the agent.
94: If
95: .Nm
96: has been run without arguments, the keys for the default identities will
97: be removed.
98: Otherwise, the argument list will be interpreted as a list of paths to
99: public key files and matching keys will be removed from the agent.
100: If no public key is found at a given path,
101: .Nm
102: will append
103: .Pa .pub
104: and retry.
105: .It Fl e Ar reader
106: Remove key in smartcard
107: .Ar reader .
108: .It Fl L
109: Lists public key parameters of all identities currently represented
110: by the agent.
111: .It Fl l
112: Lists fingerprints of all identities currently represented by the agent.
113: .It Fl s Ar reader
114: Add key in smartcard
115: .Ar reader .
116: .It Fl t Ar life
117: Set a maximum lifetime when adding identities to an agent.
118: The lifetime may be specified in seconds or in a time format
119: specified in
120: .Xr sshd_config 5 .
121: .It Fl X
122: Unlock the agent.
123: .It Fl x
124: Lock the agent with a password.
125: .El
126: .Sh ENVIRONMENT
127: .Bl -tag -width Ds
128: .It Ev "DISPLAY" and "SSH_ASKPASS"
129: If
130: .Nm
131: needs a passphrase, it will read the passphrase from the current
132: terminal if it was run from a terminal.
133: If
134: .Nm
135: does not have a terminal associated with it but
136: .Ev DISPLAY
137: and
138: .Ev SSH_ASKPASS
139: are set, it will execute the program specified by
140: .Ev SSH_ASKPASS
141: and open an X11 window to read the passphrase.
142: This is particularly useful when calling
143: .Nm
144: from a
145: .Pa .xsession
146: or related script.
147: (Note that on some machines it
148: may be necessary to redirect the input from
149: .Pa /dev/null
150: to make this work.)
151: .It Ev SSH_AUTH_SOCK
152: Identifies the path of a unix-domain socket used to communicate with the
153: agent.
154: .El
155: .Sh FILES
156: .Bl -tag -width Ds
157: .It Pa ~/.ssh/identity
158: Contains the protocol version 1 RSA authentication identity of the user.
159: .It Pa ~/.ssh/id_dsa
160: Contains the protocol version 2 DSA authentication identity of the user.
161: .It Pa ~/.ssh/id_rsa
162: Contains the protocol version 2 RSA authentication identity of the user.
163: .El
164: .Pp
165: Identity files should not be readable by anyone but the user.
166: Note that
167: .Nm
168: ignores identity files if they are accessible by others.
169: .Sh DIAGNOSTICS
170: Exit status is 0 on success, 1 if the specified command fails,
171: and 2 if
172: .Nm
173: is unable to contact the authentication agent.
174: .Sh SEE ALSO
175: .Xr ssh 1 ,
176: .Xr ssh-agent 1 ,
177: .Xr ssh-keygen 1 ,
178: .Xr sshd 8
179: .Sh AUTHORS
180: OpenSSH is a derivative of the original and free
181: ssh 1.2.12 release by Tatu Ylonen.
182: Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
183: Theo de Raadt and Dug Song
184: removed many bugs, re-added newer features and
185: created OpenSSH.
186: Markus Friedl contributed the support for SSH
187: protocol versions 1.5 and 2.0.
CVSweb <webmaster@jp.NetBSD.org>