SSH-ADD2(1) SSH2 SSH-ADD2(1)
NAME
ssh-add2 - adds identities for the authentication agent
SYNOPSIS
ssh-add2 [-p] [-l] [-N] [-P] [-I] [-d] [-D] [-L] [-U] [-1]
[-u] [-f forwarding_steps] [-F forwarding_constraint]
[-t timeout] [-V] [-R openpgp_key_ring] [files...]
DESCRIPTION
ssh-add2 adds identities to the authentication agent, ssh-agent2.
If a file requires a passphrase, ssh-add2 asks
the user for the passphrase. If the -p option is given,
the passphrase is read from stdin. If X11 is used (i.e. if
the DISPLAY environment variable is set to a valid value),
the passphrase is requested using a small X11 program.
Otherwise, it is read from the user's tty. (Note: When
using X11, it may be necessary to call ssh-add2 with '<
/dev/null' to activate the prompting window.)
The authentication agent must be running and must be an
ancestor of the current process for ssh-add2 to work.
OPTIONS
-p Reads passphrase from stdin (possibly over a pipe).
-l Lists all identities currently represented by the
agent.
-N Keys added/deleted are stored in the OpenPGP key ring
and identified by key name string.
-P Keys added/deleted are stored in the OpenPGP key ring
and identified by key fingerprint.
-I Keys added/deleted are stored in the OpenPGP key ring
and identified by key ID.
-d Instead of adding the identity, removes the identity
from the agent.
-D Deletes all identities from the agent.
-L Temporarily locks the agent with a password.
-U Unlocks the locked agent. The password given when the
agent was locked must be used to unlock.
-1 The agent is not allowed to use keys added with this
command in ssh1 compatibility operations.
-u The keys added are not read from the file, but
instead the key is given to the agent as a URL. This
way the agent can access additional key sources like
smart cards.
-f forwarding_steps
The key can be used only through as many forwarding
steps as directed by the argument. Argument 0 states
that the key can only be used locally. Note that
ssh1 does not submit forwarding information, so with
ssh1 compatibility, this constraint may not work as
expected.
-F forwarding_constraint
The argument is a comma-separated list of host name
patterns through which the key can be forwarded. For
example, the constraint string
"*.ssh.com,rinne.iki.fi" states that the key can be
forwarded to any host in domain ssh.com and also to
host rinne.iki.fi as well as used locally. Note that
ssh1 does not submit forwarding information, so with
ssh1 compatibility, this constraint may not work as
expected.
-t timeout
Agent must delete the key after timeout. Timeout is
given in minutes.
-V Print version information.
-R openpgp_key_ring
Uses a specific OpenPGP secret key ring.
RETURN STATUS
ssh-add2 returns one of the following exit codes. These
may be useful in scripts.
0 The requested operation was performed successfully.
1 No connection could be made to the authentication
agent. Presumably there is no authentication agent
active in the execution environment of ssh-add2.
2 The user did not supply the required passphrase.
3 An identity file could not be found, is unreadable,
or contains errors.
4 The agent does not have the requested identity.
5 None of the above.
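The exit codes above can drive a wrapper script. The following is an added example, not part of the original manual page or the vendor's code: it loads one key with the -1, -f 0 and -t options described under OPTIONS and branches on the documented status. The SSH_ADD2 override variable, the function names and the status 64 returned for a malformed timeout are assumptions of this example.

```shell
#!/bin/sh
# Added example: load a key into ssh-agent2 with restrictive constraints
# and act on the exit status documented under RETURN STATUS.
# SSH_ADD2 lets the caller point at a specific binary (assumption).
SSH_ADD2=${SSH_ADD2:-ssh-add2}

# Translate a documented ssh-add2 exit status into a short reason.
add2_reason() {
    case "$1" in
        0) echo "ok" ;;
        1) echo "no-agent" ;;
        2) echo "no-passphrase" ;;
        3) echo "bad-identity-file" ;;
        4) echo "identity-not-in-agent" ;;
        *) echo "other" ;;
    esac
}

# add_local_key KEYFILE [MINUTES]
#   -1    keep the key out of ssh1 compatibility operations, where the
#         forwarding constraint may not work as expected
#   -f 0  the key can only be used locally (no forwarding steps)
#   -t N  the agent deletes the key after N minutes (default here: 60)
add_local_key() {
    keyfile=$1
    minutes=${2:-60}
    case "$minutes" in
        *[!0-9]*)
            echo "timeout must be whole minutes" >&2
            return 64 ;;   # not an ssh-add2 code; chosen by this example
    esac
    status=0
    "$SSH_ADD2" -1 -f 0 -t "$minutes" "$keyfile" || status=$?
    reason=$(add2_reason "$status")
    case "$reason" in
        ok) ;;
        no-agent)
            echo "no ssh-agent2 reachable from this process" >&2 ;;
        *)
            echo "ssh-add2 failed: $reason (exit $status)" >&2 ;;
    esac
    return "$status"
}
```

After sourcing the file, `add_local_key "$HOME/.ssh2/id_KEYTYPE_KEYLEN_X" 30` loads that key for 30 minutes of local-only use and returns the ssh-add2 status unchanged, so a calling script can still test it.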
FILES
$HOME/.ssh2/identification
Contains names of the private keys that are to be
used in authentication. See ssh2(1) for more
information.
$HOME/.ssh2/id_KEYTYPE_KEYLEN_X
$HOME/.ssh2/id_KEYTYPE_KEYLEN_X.pub
Standard private and public identification key
files.
AUTHORS
SSH Communications Security Corp.
For more information, see http://www.ssh.com.
SEE ALSO
ssh-agent2(1), ssh-keygen2(1), ssh2(1), sshd2(8)