diff options
author | des <des@FreeBSD.org> | 2013-09-21 22:24:10 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2013-09-21 22:24:10 +0000 |
commit | b32fed86db62816ab222f56c1f859a444ac8648b (patch) | |
tree | fb81eca65d09d841e542cd6af66ff14c5004dbd8 /crypto/openssh/ssh-add.0 | |
parent | eaecb3d1ae60457bac557fd719cacb819f801159 (diff) | |
parent | ff2597d3eebc3da3f7cf2a638607274cad9b199e (diff) | |
download | FreeBSD-src-b32fed86db62816ab222f56c1f859a444ac8648b.zip FreeBSD-src-b32fed86db62816ab222f56c1f859a444ac8648b.tar.gz |
Pull in all the OpenSSH bits that we'd previously left out because we
didn't use them. This will make future merges from the vendor tree much
easier.
Approved by: re (gjb)
Diffstat (limited to 'crypto/openssh/ssh-add.0')
-rw-r--r-- | crypto/openssh/ssh-add.0 | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/crypto/openssh/ssh-add.0 b/crypto/openssh/ssh-add.0 new file mode 100644 index 0000000..bcd1e73 --- /dev/null +++ b/crypto/openssh/ssh-add.0 @@ -0,0 +1,119 @@ +SSH-ADD(1) OpenBSD Reference Manual SSH-ADD(1) + +NAME + ssh-add - adds private key identities to the authentication agent + +SYNOPSIS + ssh-add [-cDdkLlXx] [-t life] [file ...] + ssh-add -s pkcs11 + ssh-add -e pkcs11 + +DESCRIPTION + ssh-add adds private key identities to the authentication agent, + ssh-agent(1). When run without arguments, it adds the files + ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa and ~/.ssh/identity. After + loading a private key, ssh-add will try to load corresponding certificate + information from the filename obtained by appending -cert.pub to the name + of the private key file. Alternative file names can be given on the + command line. + + If any file requires a passphrase, ssh-add asks for the passphrase from + the user. The passphrase is read from the user's tty. ssh-add retries + the last passphrase if multiple identity files are given. + + The authentication agent must be running and the SSH_AUTH_SOCK + environment variable must contain the name of its socket for ssh-add to + work. + + The options are as follows: + + -c Indicates that added identities should be subject to confirmation + before being used for authentication. Confirmation is performed + by the SSH_ASKPASS program mentioned below. Successful + confirmation is signaled by a zero exit status from the + SSH_ASKPASS program, rather than text entered into the requester. + + -D Deletes all identities from the agent. + + -d Instead of adding identities, removes identities from the agent. + If ssh-add has been run without arguments, the keys for the + default identities and their corresponding certificates will be + removed. Otherwise, the argument list will be interpreted as a + list of paths to public key files to specify keys and + certificates to be removed from the agent. If no public key is + found at a given path, ssh-add will append .pub and retry. + + -e pkcs11 + Remove keys provided by the PKCS#11 shared library pkcs11. + + -k When loading keys into or deleting keys from the agent, process + plain private keys only and skip certificates. + + -L Lists public key parameters of all identities currently + represented by the agent. + + -l Lists fingerprints of all identities currently represented by the + agent. + + -s pkcs11 + Add keys provided by the PKCS#11 shared library pkcs11. + + -t life + Set a maximum lifetime when adding identities to an agent. The + lifetime may be specified in seconds or in a time format + specified in sshd_config(5). + + -X Unlock the agent. + + -x Lock the agent with a password. + +ENVIRONMENT + DISPLAY and SSH_ASKPASS + If ssh-add needs a passphrase, it will read the passphrase from + the current terminal if it was run from a terminal. If ssh-add + does not have a terminal associated with it but DISPLAY and + SSH_ASKPASS are set, it will execute the program specified by + SSH_ASKPASS and open an X11 window to read the passphrase. This + is particularly useful when calling ssh-add from a .xsession or + related script. (Note that on some machines it may be necessary + to redirect the input from /dev/null to make this work.) + + SSH_AUTH_SOCK + Identifies the path of a UNIX-domain socket used to communicate + with the agent. + +FILES + ~/.ssh/identity + Contains the protocol version 1 RSA authentication identity of + the user. + + ~/.ssh/id_dsa + Contains the protocol version 2 DSA authentication identity of + the user. + + ~/.ssh/id_ecdsa + Contains the protocol version 2 ECDSA authentication identity of + the user. + + ~/.ssh/id_rsa + Contains the protocol version 2 RSA authentication identity of + the user. + + Identity files should not be readable by anyone but the user. Note that + ssh-add ignores identity files if they are accessible by others. + +EXIT STATUS + Exit status is 0 on success, 1 if the specified command fails, and 2 if + ssh-add is unable to contact the authentication agent. + +SEE ALSO + ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8) + +AUTHORS + OpenSSH is a derivative of the original and free ssh 1.2.12 release by + Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo + de Raadt and Dug Song removed many bugs, re-added newer features and + created OpenSSH. Markus Friedl contributed the support for SSH protocol + versions 1.5 and 2.0. + +OpenBSD 5.4 December 3, 2012 OpenBSD 5.4 |