diff options
Diffstat (limited to 'usr/src/man/man1/ssh-add.sunssh.1')
| -rw-r--r-- | usr/src/man/man1/ssh-add.sunssh.1 | 245 |
1 files changed, 245 insertions, 0 deletions
diff --git a/usr/src/man/man1/ssh-add.sunssh.1 b/usr/src/man/man1/ssh-add.sunssh.1 new file mode 100644 index 0000000000..7de85f56fa --- /dev/null +++ b/usr/src/man/man1/ssh-add.sunssh.1 @@ -0,0 +1,245 @@ +'\" te +.\" To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the +.\" installed location. +.\" Portions Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved. +.TH SSH-ADD 1 "May 20, 2009" +.SH NAME +ssh-add \- add RSA or DSA identities to the authentication agent +.SH SYNOPSIS +.LP +.nf +\fBssh-add\fR [\fB-lLdDxX\fR] [\fB-t\fR \fIlife\fR] [ \fIfile\fR ]... +.fi + +.SH DESCRIPTION +.LP +The \fBssh-add\fR utility adds \fBRSA\fR or \fBDSA\fR identities to the +authentication agent, \fBssh-agent\fR(1). When run without arguments, it +attempts to add all of the files \fB$HOME/.ssh/identity\fR (RSA v1), +\fB$HOME/.ssh/id_rsa\fR (RSA v2), and \fB$HOME/.ssh/id_dsa\fR (DSA v2) that +exist. If more than one of the private keys exists, an attempt to decrypt each +with the same passphrase is made before reprompting for a different passphrase. +The passphrase is read from the user's tty or by running the program defined in +\fBSSH_ASKPASS\fR (see below). +.sp +.LP +The authentication agent must be running. +.SH OPTIONS +.LP +The following options are supported: +.sp +.ne 2 +.na +\fB\fB-d\fR\fR +.ad +.RS 11n +Instead of adding the identity, this option \fBremoves\fR the identity from the +agent. +.RE + +.sp +.ne 2 +.na +\fB\fB-D\fR\fR +.ad +.RS 11n +Deletes all identities from the agent. +.RE + +.sp +.ne 2 +.na +\fB\fB-l\fR\fR +.ad +.RS 11n +Lists fingerprints of all identities currently represented by the agent. +.RE + +.sp +.ne 2 +.na +\fB\fB-L\fR\fR +.ad +.RS 11n +Lists public key parameters of all identities currently represented by the +agent. +.RE + +.sp +.ne 2 +.na +\fB\fB-t\fR \fIlife\fR\fR +.ad +.RS 11n +Sets a maximum lifetime when adding identities to an agent. The lifetime can be +specified in seconds or in a time format specified in \fBsshd\fR(1M). +.RE + +.sp +.ne 2 +.na +\fB\fB-x\fR\fR +.ad +.RS 11n +Locks the agent with a password. +.RE + +.sp +.ne 2 +.na +\fB\fB-X\fR\fR +.ad +.RS 11n +Unlocks the agent. +.RE + +.SH ENVIRONMENT VARIABLES +.ne 2 +.na +\fB\fBDISPLAY\fR\fR +.ad +.br +.na +\fB\fBSSH_ASKPASS\fR\fR +.ad +.RS 17n +If \fBssh-add\fR needs a passphrase, it reads the passphrase from the current +terminal if it was run from a terminal. If \fBssh-add\fR does not have a +terminal associated with it but \fBDISPLAY\fR and \fBSSH_ASKPASS\fR are set, it +executes the program specified by \fBSSH_ASKPASS\fR and open an X11 window to +read the passphrase. This is particularly useful when calling \fBssh-add\fR +from a .Xsession or related script. The system is shipped with +\fB/usr/lib/ssh/ssh-askpass\fR which is the default value for +\fBSSH_ASKPASS\fR. +.RE + +.sp +.ne 2 +.na +\fB\fBSSH_AUTH_SOCK\fR\fR +.ad +.RS 17n +Identifies the path of a unix-domain socket used to communicate with the agent. +.RE + +.SH EXIT STATUS +.LP +The following exit values are returned: +.sp +.ne 2 +.na +\fB\fB0\fR\fR +.ad +.RS 5n +Successful completion. +.RE + +.sp +.ne 2 +.na +\fB\fB1\fR\fR +.ad +.RS 5n +An error occurred. +.RE + +.SH FILES +.LP +These files should not be readable by anyone but the user. Notice that +\fBssh-add\fR ignores a file if it is accessible by others. It is possible to +specify a passphrase when generating the key; that passphrase is used to +encrypt the private part of this file. +.sp +.LP +If these files are stored on a network file system it is assumed that either +the protection provided in the file themselves or the transport layer of the +network file system provides sufficient protection for the site policy. If this +is not the case, then it is recommended the key files are stored on removable +media or locally on the relevant hosts. +.sp +.LP +Recommended names for the \fBDSA\fR and \fBRSA\fR key files: +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/identity\fR\fR +.ad +.RS 28n +Contains the \fBRSA\fR authentication identity of the user for protocol version +1. +.RE + +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/identity.pub\fR\fR +.ad +.RS 28n +Contains the public part of the \fBRSA\fR authentication identity of the user +for protocol version 1. +.RE + +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/id_dsa\fR\fR +.ad +.RS 28n +Contains the private \fBDSA\fR authentication identity of the user. +.RE + +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/id_dsa.pub\fR\fR +.ad +.RS 28n +Contains the public part of the DSA authentication identity of the user. +.RE + +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/id_rsa\fR\fR +.ad +.RS 28n +Contains the private \fBRSA\fR authentication identity of the user. +.RE + +.sp +.ne 2 +.na +\fB\fB$HOME/.ssh/id_rsa.pub\fR\fR +.ad +.RS 28n +Contains the public part of the \fBRSA\fR authentication identity of the user. +.RE + +.sp +.ne 2 +.na +\fB\fB/usr/lib/ssh/ssh-askpass\fR\fR +.ad +.RS 28n +Contains the default value for SSH_ASKPASS. +.RE + +.SH ATTRIBUTES +.LP +See \fBattributes\fR(5) for descriptions of the following attributes: +.sp + +.sp +.TS +box; +c | c +l | l . +ATTRIBUTE TYPE ATTRIBUTE VALUE +_ +Interface Stability Committed +.TE + +.SH SEE ALSO +.LP +\fBssh\fR(1), \fBssh-agent\fR(1), \fBssh-keygen\fR(1), \fBsshd\fR(1M), +\fBattributes\fR(5) |