Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/crypto/external/bsd/openssh/dist/ssh-agent.1,v rcsdiff: /ftp/cvs/cvsroot/src/crypto/external/bsd/openssh/dist/ssh-agent.1,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.1.1.4 retrieving revision 1.1.1.5 diff -u -p -r1.1.1.4 -r1.1.1.5 --- src/crypto/external/bsd/openssh/dist/ssh-agent.1 2011/07/24 15:08:45 1.1.1.4 +++ src/crypto/external/bsd/openssh/dist/ssh-agent.1 2014/10/19 16:28:37 1.1.1.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.53 2010/11/21 01:01:13 djm Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.55 2014/04/16 23:28:12 djm Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 21 2010 $ +.Dd $Mdocdate: April 16 2014 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -53,10 +53,9 @@ .Sh DESCRIPTION .Nm is a program to hold private keys used for public key authentication -(RSA, DSA, ECDSA). -The idea is that +(RSA, DSA, ECDSA, ED25519). .Nm -is started in the beginning of an X-session or a login session, and +is usually started in the beginning of an X-session or a login session, and all other windows or programs are started as clients to the ssh-agent program. Through use of environment variables the agent can be located @@ -64,6 +63,19 @@ and automatically used for authenticatio machines using .Xr ssh 1 . .Pp +The agent initially does not have any private keys. +Keys are added using +.Xr ssh-add 1 . +Multiple identities may be stored in +.Nm +concurrently and +.Xr ssh 1 +will automatically use them if present. +.Xr ssh-add 1 +is also used to remove keys from +.Nm +and to query the keys that are held in one. +.Pp The options are as follows: .Bl -tag -width Ds .It Fl a Ar bind_address @@ -107,28 +119,6 @@ Without this option the default maximum If a commandline is given, this is executed as a subprocess of the agent. When the command dies, so does the agent. .Pp -The agent initially does not have any private keys. -Keys are added using -.Xr ssh-add 1 . -When executed without arguments, -.Xr ssh-add 1 -adds the files -.Pa ~/.ssh/id_rsa , -.Pa ~/.ssh/id_dsa , -.Pa ~/.ssh/id_ecdsa -and -.Pa ~/.ssh/identity . -If the identity has a passphrase, -.Xr ssh-add 1 -asks for the passphrase on the terminal if it has one or from a small X11 -program if running under X11. -If neither of these is the case then the authentication will fail. -It then sends the identity to the agent. -Several identities can be stored in the -agent; the agent can automatically use any of these identities. -.Ic ssh-add -l -displays the identities currently held by the agent. -.Pp The idea is that the agent is run in the user's local PC, laptop, or terminal. Authentication data need not be stored on any other @@ -184,14 +174,6 @@ The agent exits automatically when the c line terminates. .Sh FILES .Bl -tag -width Ds -.It Pa ~/.ssh/identity -Contains the protocol version 1 RSA authentication identity of the user. -.It Pa ~/.ssh/id_dsa -Contains the protocol version 2 DSA authentication identity of the user. -.It Pa ~/.ssh/id_ecdsa -Contains the protocol version 2 ECDSA authentication identity of the user. -.It Pa ~/.ssh/id_rsa -Contains the protocol version 2 RSA authentication identity of the user. .It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt .Ux Ns -domain sockets used to contain the connection to the authentication agent.