Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   11224 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SSH-ADD(1)							    SSH-ADD(1)

NAME
       ssh-add - adds private key identities to the authentication agent

SYNOPSIS
       ssh-add [-cDdkLlXx] [-t life] [file ...]
       ssh-add -s pkcs11
       ssh-add -e pkcs11

DESCRIPTION
       ssh-add	adds  private key identities to the authentication agent, ssh-
       agent(1).  When run without arguments, it adds the files ~/.ssh/id_rsa,
       ~/.ssh/id_dsa,  ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/identity.
       After loading a private key, ssh-add will  try  to  load	 corresponding
       certificate   information  from	the  filename  obtained	 by  appending
       -cert.pub to the name of the private key file.  Alternative file	 names
       can be given on the command line.

       If any file requires a passphrase, ssh-add asks for the passphrase from
       the user.  The passphrase is read from the user's tty.  ssh-add retries
       the last passphrase if multiple identity files are given.

       The authentication agent must be running and the SSH_AUTH_SOCK environ‐
       ment variable must contain the name of its socket for ssh-add to work.

       The options are as follows:

       -c     Indicates that added identities should be subject	 to  confirma‐
	      tion before being used for authentication.  Confirmation is per‐
	      formed by the SSH_ASKPASS program mentioned  below.   Successful
	      confirmation  is	signaled  by  a	 zero  exit  status  from  the
	      SSH_ASKPASS  program,  rather  than  text	  entered   into   the
	      requester.

       -D     Deletes all identities from the agent.

       -d     Instead of adding identities, removes identities from the agent.
	      If ssh-add has been run without  arguments,  the	keys  for  the
	      default  identities and their corresponding certificates will be
	      removed.	Otherwise, the argument list will be interpreted as  a
	      list  of	paths to public key files to specify keys and certifi‐
	      cates to be removed from the agent.  If no public key  is	 found
	      at a given path, ssh-add will append .pub and retry.

       -e pkcs11
	      Remove keys provided by the PKCS#11 shared library pkcs11.

       -k     When  loading keys into or deleting keys from the agent, process
	      plain private keys only and skip certificates.

       -L     Lists public key parameters of all identities  currently	repre‐
	      sented by the agent.

       -l     Lists  fingerprints  of  all identities currently represented by
	      the agent.

       -s pkcs11
	      Add keys provided by the PKCS#11 shared library pkcs11.

       -t life
	      Set a maximum lifetime when adding identities to an agent.   The
	      lifetime	may be specified in seconds or in a time format speci‐
	      fied in sshd_config(5).

       -X     Unlock the agent.

       -x     Lock the agent with a password.

ENVIRONMENT
       DISPLAY and SSH_ASKPASS
	      If ssh-add needs a passphrase, it will read the passphrase  from
	      the  current terminal if it was run from a terminal.  If ssh-add
	      does not have a terminal associated  with	 it  but  DISPLAY  and
	      SSH_ASKPASS  are	set,  it will execute the program specified by
	      SSH_ASKPASS and open an X11 window to read the passphrase.  This
	      is  particularly useful when calling ssh-add from a .xsession or
	      related script.  (Note that on some machines it may be necessary
	      to redirect the input from /dev/null to make this work.)

       SSH_AUTH_SOCK
	      Identifies  the path of a UNIX-domain socket used to communicate
	      with the agent.

FILES
       ~/.ssh/identity
	      Contains the protocol version 1 RSA authentication  identity  of
	      the user.

       ~/.ssh/id_dsa
	      Contains	the  protocol version 2 DSA authentication identity of
	      the user.

       ~/.ssh/id_ecdsa
	      Contains the protocol version 2 ECDSA authentication identity of
	      the user.

       ~/.ssh/id_ed25519
	      Contains	the protocol version 2 ED25519 authentication identity
	      of the user.

       ~/.ssh/id_rsa
	      Contains the protocol version 2 RSA authentication  identity  of
	      the user.

	      Identity	files  should  not be readable by anyone but the user.
	      Note that ssh-add ignores identity files if they are  accessible
	      by others.

EXIT STATUS
       Exit status is 0 on success, 1 if the specified command fails, and 2 if
       ssh-add is unable to contact the authentication agent.

SEE ALSO
       ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)

AUTHORS
       OpenSSH is a derivative of the original and free ssh 1.2.12 release  by
       Tatu  Ylonen.   Aaron  Campbell, Bob Beck, Markus Friedl, Niels Provos,
       Theo de Raadt and Dug Song removed many bugs, re-added  newer  features
       and  created  OpenSSH.	Markus	Friedl contributed the support for SSH
       protocol versions 1.5 and 2.0.

			       December 7 2013			    SSH-ADD(1)

Vote for polarhome