NAME

ssh-add - Adds keys to the authentication agent.

SYNOPSIS

ssh-add [-c] [-d] [-D] [-h] [-l] [-L] [-p] [-t timeout] [-U] [-V] [file1 file2 ...]

DESCRIPTION

Use ssh-add to add identities to the authentication agent (ssh-agent). The agent must be running. You are prompted for a passphrase for any passphrase-protected key.

Specifying a key file is optional. If don't specify any key files, ssh-add adds all the keys specified in your identification file (which is $HOME/.ssh2/identification by default). For example, to start the agent in your current shell and load it with the keys in your identification file, use the following command sequence:

eval `ssh-agent'

ssh-add

Note: If you use X11, call ssh-add2 with '< /dev/null' to activate the ssh-askpass prompting window. This window is used for passphrase prompts.

OPTIONS

Options are available in both a single-character form (such as -o) and a descriptive equivalent (--option). Single characters are shown here. To view the descriptive equivalents, use the -h command line option.

-c

Specifies that agent should ask for confirmation before using a key.

-d

Removes one or more specified keys from the agent. Use the file argument to specify the key file(s).

-D

Removes all identities from the agent.

-h

Displays a brief summary of command options.

-l

Lists all the identities currently loaded in the key agent.

-L

Locks the key agent. You are prompted for a password, which you will need to use to unlock the agent. Use -U to unlock.

-p

Reads the passphrase from stdin. This may be done over a pipe.

-t <timeout>

Sets a timeout for the key. Use zero (0) to set no limit. Keys are deleted after the specified timeout.

By default, the timeout value is set in minutes. You can specify other units using this syntax:

n<unit>[n<unit>]

Where unit can be: s (seconds), m (minutes), h (hours), d (days), or w (weeks). (Upper or lower case units are both accepted with the same meaning.) For example:

3600s = 3600 seconds (1 hour)

2w = 2 weeks

2d4h = 2 days and 4 hours

-U

Unlocks an agent that has been locked using -L. You are prompted for the required password.

-V

Displays product name and version information and exits. If other options are specified on the command line, they are ignored.

COPYRIGHT

Copyright (C) 2008 Attachmate Corporation

SEE ALSO

ssh(1), ssh2_config(5), ssh-keygen(1), scp(1), sftp(1), ssh-agent(1), sshd(8), sshd2_config(5)

Additional Reflection for Secure IT documentation is available online from the Attachmate documentation web page:

http://support.attachmate.com/manuals/

And from the technical note library:

http://support.attachmate.com/techdocs/