2 .\" To view license terms, attribution, and copyright for OpenSSH, the default path is /var/sadm/pkg/SUNWsshdr/install/copyright. If the Solaris operating environment has been installed anywhere other than the default, modify the given path to access the file at the
3 .\" installed location.
4 .\" Portions Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
5 .TH SSH-ADD 1 "May 20, 2009"
7 ssh-add \- add RSA or DSA identities to the authentication agent
11 \fBssh-add\fR [\fB-lLdDxX\fR] [\fB-t\fR \fIlife\fR] [ \fIfile\fR ]...
16 The \fBssh-add\fR utility adds \fBRSA\fR or \fBDSA\fR identities to the
17 authentication agent, \fBssh-agent\fR(1). When run without arguments, it
18 attempts to add all of the files \fB$HOME/.ssh/identity\fR (RSA v1),
19 \fB$HOME/.ssh/id_rsa\fR (RSA v2), and \fB$HOME/.ssh/id_dsa\fR (DSA v2) that
20 exist. If more than one of the private keys exists, an attempt to decrypt each
21 with the same passphrase is made before reprompting for a different passphrase.
22 The passphrase is read from the user's tty or by running the program defined in
23 \fBSSH_ASKPASS\fR (see below).
26 The authentication agent must be running.
29 The following options are supported:
36 Instead of adding the identity, this option \fBremoves\fR the identity from the
46 Deletes all identities from the agent.
55 Lists fingerprints of all identities currently represented by the agent.
64 Lists public key parameters of all identities currently represented by the
71 \fB\fB-t\fR \fIlife\fR\fR
74 Sets a maximum lifetime when adding identities to an agent. The lifetime can be
75 specified in seconds or in a time format specified in \fBsshd\fR(1M).
84 Locks the agent with a password.
96 .SH ENVIRONMENT VARIABLES
103 \fB\fBSSH_ASKPASS\fR\fR
106 If \fBssh-add\fR needs a passphrase, it reads the passphrase from the current
107 terminal if it was run from a terminal. If \fBssh-add\fR does not have a
108 terminal associated with it but \fBDISPLAY\fR and \fBSSH_ASKPASS\fR are set, it
109 executes the program specified by \fBSSH_ASKPASS\fR and open an X11 window to
110 read the passphrase. This is particularly useful when calling \fBssh-add\fR
111 from a .Xsession or related script. The system is shipped with
112 \fB/usr/lib/ssh/ssh-askpass\fR which is the default value for
119 \fB\fBSSH_AUTH_SOCK\fR\fR
122 Identifies the path of a unix-domain socket used to communicate with the agent.
127 The following exit values are returned:
134 Successful completion.
148 These files should not be readable by anyone but the user. Notice that
149 \fBssh-add\fR ignores a file if it is accessible by others. It is possible to
150 specify a passphrase when generating the key; that passphrase is used to
151 encrypt the private part of this file.
154 If these files are stored on a network file system it is assumed that either
155 the protection provided in the file themselves or the transport layer of the
156 network file system provides sufficient protection for the site policy. If this
157 is not the case, then it is recommended the key files are stored on removable
158 media or locally on the relevant hosts.
161 Recommended names for the \fBDSA\fR and \fBRSA\fR key files:
165 \fB\fB$HOME/.ssh/identity\fR\fR
168 Contains the \fBRSA\fR authentication identity of the user for protocol version
175 \fB\fB$HOME/.ssh/identity.pub\fR\fR
178 Contains the public part of the \fBRSA\fR authentication identity of the user
179 for protocol version 1.
185 \fB\fB$HOME/.ssh/id_dsa\fR\fR
188 Contains the private \fBDSA\fR authentication identity of the user.
194 \fB\fB$HOME/.ssh/id_dsa.pub\fR\fR
197 Contains the public part of the DSA authentication identity of the user.
203 \fB\fB$HOME/.ssh/id_rsa\fR\fR
206 Contains the private \fBRSA\fR authentication identity of the user.
212 \fB\fB$HOME/.ssh/id_rsa.pub\fR\fR
215 Contains the public part of the \fBRSA\fR authentication identity of the user.
221 \fB\fB/usr/lib/ssh/ssh-askpass\fR\fR
224 Contains the default value for SSH_ASKPASS.
229 See \fBattributes\fR(5) for descriptions of the following attributes:
237 ATTRIBUTE TYPE ATTRIBUTE VALUE
239 Interface Stability Committed
244 \fBssh\fR(1), \fBssh-agent\fR(1), \fBssh-keygen\fR(1), \fBsshd\fR(1M),