summaryrefslogtreecommitdiff
path: root/usr/src/man/man1/ssh-add.1
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/man/man1/ssh-add.1')
-rw-r--r--usr/src/man/man1/ssh-add.1289
1 files changed, 289 insertions, 0 deletions
diff --git a/usr/src/man/man1/ssh-add.1 b/usr/src/man/man1/ssh-add.1
new file mode 100644
index 0000000000..ff26f6163b
--- /dev/null
+++ b/usr/src/man/man1/ssh-add.1
@@ -0,0 +1,289 @@
+'\" te
+.\" To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the
+.\" installed location.
+.\" Portions Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
+.TH ssh-add 1 "20 May 2009" "SunOS 5.11" "User Commands"
+.SH NAME
+ssh-add \- add RSA or DSA identities to the authentication agent
+.SH SYNOPSIS
+.LP
+.nf
+\fBssh-add\fR [\fB-lLdDxX\fR] [\fB-t\fR \fIlife\fR] [ \fIfile\fR ]...
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBssh-add\fR utility adds \fBRSA\fR or \fBDSA\fR identities to the
+authentication agent, \fBssh-agent\fR(1). When run without arguments, it
+attempts to add all of the files \fB$HOME/.ssh/identity\fR (RSA v1),
+\fB$HOME/.ssh/id_rsa\fR (RSA v2), and \fB$HOME/.ssh/id_dsa\fR (DSA v2) that
+exist. If more than one of the private keys exists, an attempt to decrypt each
+with the same passphrase is made before reprompting for a different passphrase.
+The passphrase is read from the user's tty or by running the program defined in
+\fBSSH_ASKPASS\fR (see below).
+.sp
+.LP
+The authentication agent must be running.
+.SH OPTIONS
+.sp
+.LP
+The following options are supported:
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-d\fR\fR
+.ad
+.RS 11n
+.rt
+Instead of adding the identity, this option \fBremoves\fR the identity from the
+agent.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-D\fR\fR
+.ad
+.RS 11n
+.rt
+Deletes all identities from the agent.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-l\fR\fR
+.ad
+.RS 11n
+.rt
+Lists fingerprints of all identities currently represented by the agent.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-L\fR\fR
+.ad
+.RS 11n
+.rt
+Lists public key parameters of all identities currently represented by the
+agent.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-t\fR \fIlife\fR\fR
+.ad
+.RS 11n
+.rt
+Sets a maximum lifetime when adding identities to an agent. The lifetime can be
+specified in seconds or in a time format specified in \fBsshd\fR(1M).
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-x\fR\fR
+.ad
+.RS 11n
+.rt
+Locks the agent with a password.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB-X\fR\fR
+.ad
+.RS 11n
+.rt
+Unlocks the agent.
+.RE
+
+.SH ENVIRONMENT VARIABLES
+.sp
+.ne 2
+.mk
+.na
+\fB\fBDISPLAY\fR\fR
+.ad
+.br
+.na
+\fB\fBSSH_ASKPASS\fR\fR
+.ad
+.RS 17n
+.rt
+If \fBssh-add\fR needs a passphrase, it reads the passphrase from the current
+terminal if it was run from a terminal. If \fBssh-add\fR does not have a
+terminal associated with it but \fBDISPLAY\fR and \fBSSH_ASKPASS\fR are set, it
+executes the program specified by \fBSSH_ASKPASS\fR and open an X11 window to
+read the passphrase. This is particularly useful when calling \fBssh-add\fR
+from a .Xsession or related script. The system is shipped with
+\fB/usr/lib/ssh/ssh-askpass\fR which is the default value for
+\fBSSH_ASKPASS\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBSSH_AUTH_SOCK\fR\fR
+.ad
+.RS 17n
+.rt
+Identifies the path of a unix-domain socket used to communicate with the agent.
+.RE
+
+.SH EXIT STATUS
+.sp
+.LP
+The following exit values are returned:
+.sp
+.ne 2
+.mk
+.na
+\fB\fB0\fR\fR
+.ad
+.RS 5n
+.rt
+Successful completion.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB1\fR\fR
+.ad
+.RS 5n
+.rt
+An error occurred.
+.RE
+
+.SH FILES
+.sp
+.LP
+These files should not be readable by anyone but the user. Notice that
+\fBssh-add\fR ignores a file if it is accessible by others. It is possible to
+specify a passphrase when generating the key; that passphrase is used to
+encrypt the private part of this file.
+.sp
+.LP
+If these files are stored on a network file system it is assumed that either
+the protection provided in the file themselves or the transport layer of the
+network file system provides sufficient protection for the site policy. If this
+is not the case, then it is recommended the key files are stored on removable
+media or locally on the relevant hosts.
+.sp
+.LP
+Recommended names for the \fBDSA\fR and \fBRSA\fR key files:
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/identity\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the \fBRSA\fR authentication identity of the user for protocol version
+1.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/identity.pub\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the public part of the \fBRSA\fR authentication identity of the user
+for protocol version 1.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/id_dsa\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the private \fBDSA\fR authentication identity of the user.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/id_dsa.pub\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the public part of the DSA authentication identity of the user.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/id_rsa\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the private \fBRSA\fR authentication identity of the user.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB$HOME/.ssh/id_rsa.pub\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the public part of the \fBRSA\fR authentication identity of the user.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/ssh/ssh-askpass\fR\fR
+.ad
+.RS 28n
+.rt
+Contains the default value for SSH_ASKPASS.
+.RE
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(5) for descriptions of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i)
+lw(2.75i) |lw(2.75i)
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Interface StabilityCommitted
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBssh\fR(1), \fBssh-agent\fR(1), \fBssh-keygen\fR(1), \fBsshd\fR(1M),
+\fBattributes\fR(5)
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-27 07:27:09 +0000