suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man1/ssh-add.1.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

469 lines
7.2 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of SSH-ADD</TITLE>
</HEAD><BODY>
<H1>SSH-ADD</H1>
Section: User Commands (1)<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<BR>BSD mandoc<BR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
<B>ssh-add</B>
- adds private key identities to the OpenSSH authentication agent
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
<B>ssh-add</B>
[-<B>cDdKkLlqvXx </B>[-<B>E </B><I>fingerprint_hash</I>
]
]
[-<B>S </B><I>provider</I>
]
[-<B>t </B><I>life</I>
]
[<I>file ...</I>
]
<BR><B>ssh-add</B>
-<B>s </B><I>pkcs11</I>
<BR><B>ssh-add</B>
-<B>e </B><I>pkcs11</I>
<BR><B>ssh-add</B>
-<B>T</B>
<I>pubkey ...</I>
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
<B>ssh-add</B>
adds private key identities to the authentication agent,
ssh-agent1.
When run without arguments, it adds the files
~/.ssh/id_rsa
~/.ssh/id_dsa
~/.ssh/id_ecdsa
~/.ssh/id_ecdsa_sk
~/.ssh/id_ed25519
and
~/.ssh/id_ed25519_sk
After loading a private key,
<B>ssh-add</B>
will try to load corresponding certificate information from the
filename obtained by appending
-cert.pub
to the name of the private key file.
Alternative file names can be given on the command line.
<P>
If any file requires a passphrase,
<B>ssh-add</B>
asks for the passphrase from the user.
The passphrase is read from the user's tty.
<B>ssh-add</B>
retries the last passphrase if multiple identity files are given.
<P>
The authentication agent must be running and the
<B>SSH_AUTH_SOCK</B>
environment variable must contain the name of its socket for
<B>ssh-add</B>
to work.
<P>
The options are as follows:
<DL COMPACT>
<P>
<DT id="1"><B>-c</B>
<DD>
Indicates that added identities should be subject to confirmation before
being used for authentication.
Confirmation is performed by
ssh-askpass1.
Successful confirmation is signaled by a zero exit status from
ssh-askpass1,
rather than text entered into the requester.
<DT id="2"><B>-D</B>
<DD>
Deletes all identities from the agent.
<DT id="3"><B>-d</B>
<DD>
Instead of adding identities, removes identities from the agent.
If
<B>ssh-add</B>
has been run without arguments, the keys for the default identities and
their corresponding certificates will be removed.
Otherwise, the argument list will be interpreted as a list of paths to
public key files to specify keys and certificates to be removed from the agent.
If no public key is found at a given path,
<B>ssh-add</B>
will append
.pub
and retry.
<DT id="4"><B>-E </B><I>fingerprint_hash</I>
<DD>
Specifies the hash algorithm used when displaying key fingerprints.
Valid options are:
``md5''
and
``sha256''
The default is
``sha256''
<DT id="5"><B>-e </B><I>pkcs11</I>
<DD>
Remove keys provided by the PKCS#11 shared library
<I>pkcs11</I>
<DT id="6"><B>-K</B>
<DD>
Load resident keys from a FIDO authenticator.
<DT id="7"><B>-k</B>
<DD>
When loading keys into or deleting keys from the agent, process plain private
keys only and skip certificates.
<DT id="8"><B>-L</B>
<DD>
Lists public key parameters of all identities currently represented
by the agent.
<DT id="9"><B>-l</B>
<DD>
Lists fingerprints of all identities currently represented by the agent.
<DT id="10"><B>-q</B>
<DD>
Be quiet after a successful operation.
<DT id="11"><B>-S </B><I>provider</I>
<DD>
Specifies a path to a library that will be used when adding
FIDO authenticator-hosted keys, overriding the default of using the
internal USB HID support.
<DT id="12"><B>-s </B><I>pkcs11</I>
<DD>
Add keys provided by the PKCS#11 shared library
<I>pkcs11</I>
<DT id="13"><B>-T </B><I>pubkey ...</I>
<DD>
Tests whether the private keys that correspond to the specified
<I>pubkey</I>
files are usable by performing sign and verify operations on each.
<DT id="14"><B>-t </B><I>life</I>
<DD>
Set a maximum lifetime when adding identities to an agent.
The lifetime may be specified in seconds or in a time format
specified in
sshd_config5.
<DT id="15"><B>-v</B>
<DD>
Verbose mode.
Causes
<B>ssh-add</B>
to print debugging messages about its progress.
This is helpful in debugging problems.
Multiple
-<B>v</B>
options increase the verbosity.
The maximum is 3.
<DT id="16"><B>-X</B>
<DD>
Unlock the agent.
<DT id="17"><B>-x</B>
<DD>
Lock the agent with a password.
</DL>
<P>
<A NAME="lbAE">&nbsp;</A>
<H2>ENVIRONMENT</H2>
<DL COMPACT>
<P>
<DT id="18"><B>DISPLAY and SSH_ASKPASS</B>
<DD>
If
<B>ssh-add</B>
needs a passphrase, it will read the passphrase from the current
terminal if it was run from a terminal.
If
<B>ssh-add</B>
does not have a terminal associated with it but
<B>DISPLAY</B>
and
<B>SSH_ASKPASS</B>
are set, it will execute the program specified by
<B>SSH_ASKPASS</B>
(by default
``ssh-askpass''
and open an X11 window to read the passphrase.
This is particularly useful when calling
<B>ssh-add</B>
from a
.xsession
or related script.
(Note that on some machines it
may be necessary to redirect the input from
/dev/null
to make this work.)
<DT id="19"><B>SSH_AUTH_SOCK</B>
<DD>
Identifies the path of a
UNIX
socket used to communicate with the agent.
<DT id="20"><B>SSH_SK_PROVIDER</B>
<DD>
Specifies a path to a library that will be used when loading any
FIDO authenticator-hosted keys, overriding the default of using
the built-in USB HID support.
</DL>
<P>
<A NAME="lbAF">&nbsp;</A>
<H2>FILES</H2>
<DL COMPACT>
<P>
<DT id="21"><B>~/.ssh/id_dsa
</B>
<DD>
<DT id="22"><B>~/.ssh/id_ecdsa
</B>
<DD>
<DT id="23"><B>~/.ssh/id_ecdsa_sk
</B>
<DD>
<DT id="24"><B>~/.ssh/id_ed25519
</B>
<DD>
<DT id="25"><B>~/.ssh/id_ed25519_sk
</B>
<DD>
<DT id="26"><B>~/.ssh/id_rsa
</B>
<DD>
Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519,
authenticator-hosted Ed25519 or RSA authentication identity of the user.
</DL>
<P>
<P>
Identity files should not be readable by anyone but the user.
Note that
<B>ssh-add</B>
ignores identity files if they are accessible by others.
<A NAME="lbAG">&nbsp;</A>
<H2>EXIT STATUS</H2>
Exit status is 0 on success, 1 if the specified command fails,
and 2 if
<B>ssh-add</B>
is unable to contact the authentication agent.
<A NAME="lbAH">&nbsp;</A>
<H2>SEE ALSO</H2>
<A HREF="/cgi-bin/man/man2html?1+ssh">ssh</A>(1),
ssh-agent1,
ssh-askpass1,
ssh-keygen1,
<A HREF="/cgi-bin/man/man2html?8+sshd">sshd</A>(8)
<A NAME="lbAI">&nbsp;</A>
<H2>AUTHORS</H2>
OpenSSH is a derivative of the original and free
ssh 1.2.12 release by Tatu Ylonen.
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
Theo de Raadt and Dug Song
removed many bugs, re-added newer features and
created OpenSSH.
Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="27"><A HREF="#lbAB">NAME</A><DD>
<DT id="28"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="29"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="30"><A HREF="#lbAE">ENVIRONMENT</A><DD>
<DT id="31"><A HREF="#lbAF">FILES</A><DD>
<DT id="32"><A HREF="#lbAG">EXIT STATUS</A><DD>
<DT id="33"><A HREF="#lbAH">SEE ALSO</A><DD>
<DT id="34"><A HREF="#lbAI">AUTHORS</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:05:27 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink