{"id":349,"date":"2019-10-21T19:55:22","date_gmt":"2019-10-21T17:55:22","guid":{"rendered":"http:\/\/linuxboxen2.dk\/?p=349"},"modified":"2019-10-21T19:55:22","modified_gmt":"2019-10-21T17:55:22","slug":"ssh-add","status":"publish","type":"post","link":"https:\/\/www.linuxboxen.dk\/?p=349","title":{"rendered":"SSH-ADD"},"content":{"rendered":"<p>SSH-ADD(1)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 BSD General Commands Manual\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 SSH-ADD(1)<\/p>\n<p>NAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>ssh-add \u2014 adds private key identities to the authentication agent<\/p>\n<p>SYNOPSIS\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>ssh-add [-cDdkLlXx] [-t life] [file &#8230;]<br \/>\nssh-add -s pkcs11<br \/>\nssh-add -e pkcs11<\/p>\n<p>DESCRIPTION\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>ssh-add adds private key identities to the authentication agent,<br \/>\nssh-agent(1).\u00a0 When run without arguments, it adds the files<br \/>\n~\/.ssh\/id_rsa, ~\/.ssh\/id_dsa, ~\/.ssh\/id_ecdsa, ~\/.ssh\/id_ed25519 and<br \/>\n~\/.ssh\/identity.\u00a0 After loading a private key, ssh-add will try to load<br \/>\ncorresponding certificate information from the filename obtained by<br \/>\nappending -cert.pub to the name of the private key file.\u00a0 Alternative<br \/>\nfile names can be given on the command line.<\/p>\n<p>If any file requires a passphrase, ssh-add asks for the passphrase from<br \/>\nthe user.\u00a0 The passphrase is read from the user&#8217;s tty.\u00a0 ssh-add retries<br \/>\nthe last passphrase if multiple identity files are given.<\/p>\n<p>The authentication agent must be running and the SSH_AUTH_SOCK environ\u2010<br \/>\nment variable must contain the name of its socket for ssh-add to work.<\/p>\n<p>The options are as follows:<\/p>\n<p>-c\u00a0\u00a0\u00a0\u00a0\u00a0 Indicates that added identities should be subject to confirma\u2010<br \/>\ntion before being used for authentication.\u00a0 Confirmation is<br \/>\nperformed by the SSH_ASKPASS program mentioned below.\u00a0 Success\u2010<br \/>\nful confirmation is signaled by a zero exit status from the<br \/>\nSSH_ASKPASS program, rather than text entered into the<br \/>\nrequester.<\/p>\n<p>-D\u00a0\u00a0\u00a0\u00a0\u00a0 Deletes all identities from the agent.<\/p>\n<p>-d\u00a0\u00a0\u00a0\u00a0\u00a0 Instead of adding identities, removes identities from the<br \/>\nagent.\u00a0 If ssh-add has been run without arguments, the keys for<br \/>\nthe default identities and their corresponding certificates<br \/>\nwill be removed.\u00a0 Otherwise, the argument list will be inter\u2010<br \/>\npreted as a list of paths to public key files to specify keys<br \/>\nand certificates to be removed from the agent.\u00a0 If no public<br \/>\nkey is found at a given path, ssh-add will append .pub and<br \/>\nretry.<\/p>\n<p>-e pkcs11<br \/>\nRemove keys provided by the PKCS#11 shared library pkcs11.<\/p>\n<p>-k\u00a0\u00a0\u00a0\u00a0\u00a0 When loading keys into or deleting keys from the agent, process<br \/>\nplain private keys only and skip certificates.<\/p>\n<p>-L\u00a0\u00a0\u00a0\u00a0\u00a0 Lists public key parameters of all identities currently repre\u2010<br \/>\nsented by the agent.<\/p>\n<p>-l\u00a0\u00a0\u00a0\u00a0\u00a0 Lists fingerprints of all identities currently represented by<br \/>\nthe agent.<\/p>\n<p>-s pkcs11<br \/>\nAdd keys provided by the PKCS#11 shared library pkcs11.<\/p>\n<p>-t life<br \/>\nSet a maximum lifetime when adding identities to an agent.\u00a0 The<br \/>\nlifetime may be specified in seconds or in a time format speci\u2010<br \/>\nfied in sshd_config(5).<\/p>\n<p>-X\u00a0\u00a0\u00a0\u00a0\u00a0 Unlock the agent.<\/p>\n<p>-x\u00a0\u00a0\u00a0\u00a0\u00a0 Lock the agent with a password.<\/p>\n<p>ENVIRONMENT\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>DISPLAY and SSH_ASKPASS<br \/>\nIf ssh-add needs a passphrase, it will read the passphrase from<br \/>\nthe current terminal if it was run from a terminal.\u00a0 If ssh-add<br \/>\ndoes not have a terminal associated with it but DISPLAY and<br \/>\nSSH_ASKPASS are set, it will execute the program specified by<br \/>\nSSH_ASKPASS and open an X11 window to read the passphrase.<br \/>\nThis is particularly useful when calling ssh-add from a<br \/>\n.xsession or related script.\u00a0 (Note that on some machines it<br \/>\nmay be necessary to redirect the input from \/dev\/null to make<br \/>\nthis work.)<\/p>\n<p>SSH_AUTH_SOCK<br \/>\nIdentifies the path of a UNIX-domain socket used to communicate<br \/>\nwith the agent.<\/p>\n<p>FILES\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>~\/.ssh\/identity<br \/>\nContains the protocol version 1 RSA authentication identity of<br \/>\nthe user.<\/p>\n<p>~\/.ssh\/id_dsa<br \/>\nContains the protocol version 2 DSA authentication identity of<br \/>\nthe user.<\/p>\n<p>~\/.ssh\/id_ecdsa<br \/>\nContains the protocol version 2 ECDSA authentication identity<br \/>\nof the user.<\/p>\n<p>~\/.ssh\/id_ed25519<br \/>\nContains the protocol version 2 ED25519 authentication identity<br \/>\nof the user.<\/p>\n<p>~\/.ssh\/id_rsa<br \/>\nContains the protocol version 2 RSA authentication identity of<br \/>\nthe user.<\/p>\n<p>Identity files should not be readable by anyone but the user.\u00a0 Note<br \/>\nthat ssh-add ignores identity files if they are accessible by others.<\/p>\n<p>EXIT STATUS\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>Exit status is 0 on success, 1 if the specified command fails, and 2 if<br \/>\nssh-add is unable to contact the authentication agent.<\/p>\n<p>SEE ALSO\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>ssh(1), ssh-agent(1), ssh-keygen(1), sshd(8)<\/p>\n<p>AUTHORS\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>OpenSSH is a derivative of the original and free ssh 1.2.12 release by<br \/>\nTatu Ylonen.\u00a0 Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,<br \/>\nTheo de Raadt and Dug Song removed many bugs, re-added newer features<br \/>\nand created OpenSSH.\u00a0 Markus Friedl contributed the support for SSH<br \/>\nprotocol versions 1.5 and 2.0.<\/p>\n<p>COLOPHON\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top<\/p>\n<p>This page is part of the openssh (Portable OpenSSH) project.\u00a0 Informa\u2010<br \/>\ntion about the project can be found at<br \/>\nhttp:\/\/www.openssh.com\/portable.html.\u00a0 If you have a bug report for<br \/>\nthis manual page, see http:\/\/www.openssh.com\/report.html.\u00a0 This page<br \/>\nwas obtained from the tarball openssh-6.7p1.tar.gz fetched from<br \/>\nhttp:\/\/ftp.eu.openbsd.org\/pub\/OpenBSD\/OpenSSH\/portable\/ on 2014-12-30.<br \/>\nIf you discover any rendering problems in this HTML version of the<br \/>\npage, or you believe there is a better or more up-to-date source for<br \/>\nthe page, or you have corrections or improvements to the information in<br \/>\nthis COLOPHON (which is not part of the original manual page), send a<br \/>\nmail to\u00a0man-pages@man7.org<\/p>\n<p>BSD\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 December 31, 2014\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 BSD<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SSH-ADD(1)\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 BSD General Commands Manual\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 SSH-ADD(1) NAME\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top ssh-add \u2014 adds private key identities to the authentication agent SYNOPSIS\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top ssh-add [-cDdkLlXx] [-t life] [file &#8230;] ssh-add -s pkcs11 ssh-add -e pkcs11 DESCRIPTION\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 top ssh-add adds private key identities to the authentication agent, ssh-agent(1).\u00a0 When run without arguments, it adds the files ~\/.ssh\/id_rsa, ~\/.ssh\/id_dsa, ~\/.ssh\/id_ecdsa, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[8],"tags":[],"class_list":["post-349","post","type-post","status-publish","format-standard","hentry","category-shell"],"a3_pvc":{"activated":false,"total_views":0,"today_views":0},"_links":{"self":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=349"}],"version-history":[{"count":0,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=\/wp\/v2\/posts\/349\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.linuxboxen.dk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}