SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
        scp2
        sftp2
        ssh-add2
        ssh-agent2
        ssh-socks-proxy >>
        ssh-socks-proxy-config >>
        ssh-socks-proxy-ctl >>
        ssh-certd
        ssh_certd_config
        ssh-certview >>
        ssh-cmpclient >>
        ssh-dummy-shell
        ssh-ekview
        ssh-externalkeys
        ssh-keydist2 >>
        ssh-keygen2
        ssh-probe2
        ssh-scepclient >>
        ssh-sft-stage
        ssh2
        ssh2_config
        sshd-check-conf
        sshd2
        sshd2_config
        sshd2_subconfig
        sshregex
    Log Messages >>

ssh-add2

SSH-ADD2(1)                    SSH2                   SSH-ADD2(1)


NAME
       ssh-add2 - adds identities for the authentication agent


SYNOPSIS
       ssh-add2 [-p] [-l] [-N] [-P] [-I] [-d] [-D] [-L] [-U] [-1]
       [-u]   [-f forwarding_steps]    [-F forwarding_constraint]
       [-t timeout] [-V] [-R openpgp_key_ring] [files...]


DESCRIPTION
       ssh-add2 adds identities to the authentication agent, ssh-
       agent2.  If a file requires a  passphrase,  ssh-add2  asks
       the  user  for  the passphrase. If the -p option is given,
       the passphrase is read from stdin. If X11 is used (i.e. if
       the DISPLAY environment variable is set to a valid value),
       the passphrase is requested using  a  small  X11  program.
       Otherwise,  it  is  read from the user's tty.  (Note: When
       using X11, it may be necessary to call  ssh-add2  with  '<
       /dev/null' to activate the prompting window.)

       The  authentication  agent  must be running and must be an
       ancestor of the current process for ssh-add2 to work.


OPTIONS
       -p   Reads passphrase from stdin (possibly over a pipe).

       -l   Lists all identities  currently  represented  by  the
            agent.

       -N   Keys added/deleted are stored in the OpenPGP key ring
            and identified by key name string.

       -P   Keys added/deleted are stored in the OpenPGP key ring
            and identified by key fingerprint.

       -I   Keys added/deleted are stored in the OpenPGP key ring
            and identified by key ID.

       -d   Instead of adding the identity, removes the  identity
            from the agent.

       -D   Deletes all identities from the agent.

       -L   Temporarily locks the agent with a password.

       -U   Unlocks the locked agent. The password given when the
            agent was locked must be used to unlock.

       -1   The agent is not allowed to use keys added with  this
            command in ssh1 compatibility operations.

       -u   The  keys  added  are  not  read  from  the file, but
            instead the key is given to the agent as a URL.  This
            way  the agent can access additional key sources like
            smart cards.

       -f forwarding_steps
            The key can be used only through as  many  forwarding
            steps  as directed by the argument. Argument 0 states
            that the key can only be  used  locally.   Note  that
            ssh1  does not submit forwarding information, so with
            ssh1 compatibility, this constraint may not  work  as
            expected.

       -F forwarding_constraint
            The  argument  is a comma-separated list of host name
            patterns through which the key can be forwarded.  For
            example,         the         constraint        string
            "*.ssh.com,rinne.iki.fi" states that the key  can  be
            forwarded  to  any host in domain ssh.com and also to
            host rinne.iki.fi as well as used locally.  Note that
            ssh1  does not submit forwarding information, so with
            ssh1 compatibility, this constraint may not  work  as
            expected.

       -t timeout
            Agent  must  delete the key after timeout. Timeout is
            given in minutes.

       -V   Print version information.

       -R openpgp_key_ring
            Uses a specific OpenPGP secret key ring.


RETURN STATUS
       ssh-add2 returns one of the following exit  codes.   These
       may be useful in scripts.

       0      The requested operation was performed successfully.

       1      No connection could be made to  the  authentication
              agent.  Presumably there is no authentication agent
              active in the execution environment of ssh-add2.

       2      The user did not supply the required passphrase.

       3      An identify file could not be found, is unreadable,
              or contains errors.

       4      The agent does not have the requested identity.

       5      None of the above.


FILES
       $HOME/.ssh2/identification
              Contains  names  of the private keys that are to be
              used  in  authentication.   See  ssh2(1)  for  more
              information.

       $HOME/.ssh2/id_KEYTYPE_KEYLEN_X

       $HOME/.ssh2/id_KEYTYPE_KEYLEN_X.pub
              Standard  private  and  public  identification  key
              files.


AUTHORS
       SSH Communications Security Corp.

       For more information, see http://www.ssh.com.


SEE ALSO
       ssh-agent2(1), ssh-keygen2(1), ssh2(1), sshd2(8)

Previous Next Up [Contents] [Index]


[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice