xref: /openbsd-src/usr.bin/ssh/ssh-add.1 (revision 3a3fbb3f2e2521ab7c4a56b7ff7462ebd9095ec5) 
1.\"	$OpenBSD: ssh-add.1,v 1.28 2001/12/21 10:06:43 djm Exp $
2.\"
3.\"  -*- nroff -*-
4.\"
5.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7.\"                    All rights reserved
8.\"
9.\" As far as I am concerned, the code I have written for this software
10.\" can be used freely for any purpose.  Any derived versions of this
11.\" software must be clearly marked as such, and if the derived work is
12.\" incompatible with the protocol description in the RFC file, it must be
13.\" called by a name other than "ssh" or "Secure Shell".
14.\"
15.\"
16.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
17.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
18.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
19.\"
20.\" Redistribution and use in source and binary forms, with or without
21.\" modification, are permitted provided that the following conditions
22.\" are met:
23.\" 1. Redistributions of source code must retain the above copyright
24.\"    notice, this list of conditions and the following disclaimer.
25.\" 2. Redistributions in binary form must reproduce the above copyright
26.\"    notice, this list of conditions and the following disclaimer in the
27.\"    documentation and/or other materials provided with the distribution.
28.\"
29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39.\"
40.Dd September 25, 1999
41.Dt SSH-ADD 1
42.Os
43.Sh NAME
44.Nm ssh-add
45.Nd adds RSA or DSA identities to the authentication agent
46.Sh SYNOPSIS
47.Nm ssh-add
48.Op Fl lLdD
49.Op Ar
50.Nm ssh-add
51.Fl s Ar reader
52.Nm ssh-add
53.Fl e Ar reader
54.Sh DESCRIPTION
55.Nm
56adds RSA or DSA identities to the authentication agent,
57.Xr ssh-agent 1 .
58When run without arguments, it adds the files
59.Pa $HOME/.ssh/id_rsa ,
60.Pa $HOME/.ssh/id_dsa
61and
62.Pa $HOME/.ssh/identity .
63Alternative file names can be given on the command line.
64If any file requires a passphrase,
65.Nm
66asks for the passphrase from the user.
67The passphrase is read from the user's tty.
68.Nm
69retries the last passphrase if multiple identity files are given.
70.Pp
71The authentication agent must be running and must be an ancestor of
72the current process for
73.Nm
74to work.
75.Pp
76The options are as follows:
77.Bl -tag -width Ds
78.It Fl l
79Lists fingerprints of all identities currently represented by the agent.
80.It Fl L
81Lists public key parameters of all identities currently represented by the agent.
82.It Fl d
83Instead of adding the identity, removes the identity from the agent.
84.It Fl D
85Deletes all identities from the agent.
86.It Fl s Ar reader
87Add key in smartcard
88.Ar reader .
89.It Fl e Ar reader
90Remove key in smartcard
91.Ar reader .
92.El
93.Sh FILES
94.Bl -tag -width Ds
95.It Pa $HOME/.ssh/identity
96Contains the protocol version 1 RSA authentication identity of the user.
97This file should not be readable by anyone but the user.
98Note that
99.Nm
100ignores this file if it is accessible by others.
101It is possible to
102specify a passphrase when generating the key; that passphrase will be
103used to encrypt the private part of this file.
104This is the default file added by
105.Nm
106when no other files have been specified.
107.It Pa $HOME/.ssh/id_dsa
108Contains the protocol version 2 DSA authentication identity of the user.
109.It Pa $HOME/.ssh/id_rsa
110Contains the protocol version 2 RSA authentication identity of the user.
111.El
112.Sh ENVIRONMENT
113.Bl -tag -width Ds
114.It Ev "DISPLAY" and "SSH_ASKPASS"
115If
116.Nm
117needs a passphrase, it will read the passphrase from the current
118terminal if it was run from a terminal.
119If
120.Nm
121does not have a terminal associated with it but
122.Ev DISPLAY
123and
124.Ev SSH_ASKPASS
125are set, it will execute the program specified by
126.Ev SSH_ASKPASS
127and open an X11 window to read the passphrase.
128This is particularly useful when calling
129.Nm
130from a
131.Pa .Xsession
132or related script.
133(Note that on some machines it
134may be necessary to redirect the input from
135.Pa /dev/null
136to make this work.)
137.El
138.Sh AUTHORS
139OpenSSH is a derivative of the original and free
140ssh 1.2.12 release by Tatu Ylonen.
141Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
142Theo de Raadt and Dug Song
143removed many bugs, re-added newer features and
144created OpenSSH.
145Markus Friedl contributed the support for SSH
146protocol versions 1.5 and 2.0.
147.Sh SEE ALSO
148.Xr ssh 1 ,
149.Xr ssh-agent 1 ,
150.Xr ssh-keygen 1 ,
151.Xr sshd 8
152