xref: /openbsd-src/usr.bin/ssh/ssh-add.1 (revision b2ea75c1b17e1a9a339660e7ed45cd24946b230e) 
1.\"	$OpenBSD: ssh-add.1,v 1.26 2001/08/03 10:31:19 jakob Exp $
2.\"
3.\"  -*- nroff -*-
4.\"
5.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7.\"                    All rights reserved
8.\"
9.\" As far as I am concerned, the code I have written for this software
10.\" can be used freely for any purpose.  Any derived versions of this
11.\" software must be clearly marked as such, and if the derived work is
12.\" incompatible with the protocol description in the RFC file, it must be
13.\" called by a name other than "ssh" or "Secure Shell".
14.\"
15.\"
16.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
17.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
18.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
19.\"
20.\" Redistribution and use in source and binary forms, with or without
21.\" modification, are permitted provided that the following conditions
22.\" are met:
23.\" 1. Redistributions of source code must retain the above copyright
24.\"    notice, this list of conditions and the following disclaimer.
25.\" 2. Redistributions in binary form must reproduce the above copyright
26.\"    notice, this list of conditions and the following disclaimer in the
27.\"    documentation and/or other materials provided with the distribution.
28.\"
29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39.\"
40.Dd September 25, 1999
41.Dt SSH-ADD 1
42.Os
43.Sh NAME
44.Nm ssh-add
45.Nd adds RSA or DSA identities for the authentication agent
46.Sh SYNOPSIS
47.Nm ssh-add
48.Op Fl lLdD
49.Op Ar
50.Nm ssh-add
51.Fl s Ar reader
52.Nm ssh-add
53.Fl e Ar reader
54.Sh DESCRIPTION
55.Nm
56adds RSA or DSA identities to the authentication agent,
57.Xr ssh-agent 1 .
58When run without arguments, it adds the file
59.Pa $HOME/.ssh/identity .
60Alternative file names can be given on the command line.
61If any file requires a passphrase,
62.Nm
63asks for the passphrase from the user.
64The passphrase is read from the user's tty.
65.Nm
66retries the last passphrase if multiple identity files are given.
67.Pp
68The authentication agent must be running and must be an ancestor of
69the current process for
70.Nm
71to work.
72.Pp
73The options are as follows:
74.Bl -tag -width Ds
75.It Fl l
76Lists fingerprints of all identities currently represented by the agent.
77.It Fl L
78Lists public key parameters of all identities currently represented by the agent.
79.It Fl d
80Instead of adding the identity, removes the identity from the agent.
81.It Fl D
82Deletes all identities from the agent.
83.It Fl s Ar reader
84Add key in smartcard
85.Ar reader .
86.It Fl e Ar reader
87Remove key in smartcard
88.Ar reader .
89.El
90.Sh FILES
91.Bl -tag -width Ds
92.It Pa $HOME/.ssh/identity
93Contains the protocol version 1 RSA authentication identity of the user.
94This file should not be readable by anyone but the user.
95Note that
96.Nm
97ignores this file if it is accessible by others.
98It is possible to
99specify a passphrase when generating the key; that passphrase will be
100used to encrypt the private part of this file.
101This is the default file added by
102.Nm
103when no other files have been specified.
104.It Pa $HOME/.ssh/id_dsa
105Contains the protocol version 2 DSA authentication identity of the user.
106.It Pa $HOME/.ssh/id_rsa
107Contains the protocol version 2 RSA authentication identity of the user.
108.El
109.Sh ENVIRONMENT
110.Bl -tag -width Ds
111.It Ev "DISPLAY" and "SSH_ASKPASS"
112If
113.Nm
114needs a passphrase, it will read the passphrase from the current
115terminal if it was run from a terminal.
116If
117.Nm
118does not have a terminal associated with it but
119.Ev DISPLAY
120and
121.Ev SSH_ASKPASS
122are set, it will execute the program specified by
123.Ev SSH_ASKPASS
124and open an X11 window to read the passphrase.
125This is particularly useful when calling
126.Nm
127from a
128.Pa .Xsession
129or related script.
130(Note that on some machines it
131may be necessary to redirect the input from
132.Pa /dev/null
133to make this work.)
134.El
135.Sh AUTHORS
136OpenSSH is a derivative of the original and free
137ssh 1.2.12 release by Tatu Ylonen.
138Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
139Theo de Raadt and Dug Song
140removed many bugs, re-added newer features and
141created OpenSSH.
142Markus Friedl contributed the support for SSH
143protocol versions 1.5 and 2.0.
144.Sh SEE ALSO
145.Xr ssh 1 ,
146.Xr ssh-agent 1 ,
147.Xr ssh-keygen 1 ,
148.Xr sshd 8
149