ssh-add - adds identities for the authentication agent
ssh-add [-p] [-l] [-d] [-D] [file...]
Ssh-add adds identities to the authentication agent, ssh-agent. When run without arguments, it adds the file $HOME/ . ssh/identity. Alternative file names can be given on the command line. If any file requires a passphrase, ssh-add asks for the passphrase from the user. If the -p option is given then the passphrase is read from stdin, otherwise if the user is using X11, the passphrase is requested using a small X11 program; otherwise it is read from the user’s tty. (Note: it may be necessary to redirect stdin from /dev/null to get the passphrase requested using X11.)
The authentication agent must be running and must be an ancestor of the current process for ssh-add to work.
|
-p |
Read passphrase from stdin (or pipe). | ||
|
-l |
Lists all identities currently represented by the agent. | ||
|
-d |
Instead of adding the identity, removes the identity from the agent. | ||
|
-D |
Deletes all identities from the agent. |
Ssh-add returns one of the following exit statuses. These may be useful in scripts.
|
0 |
The requested operation was performed successfully. | ||
|
1 |
No connection could be made to the authentication agent. Presumably there is no authentication agent active in the execution environment of ssh-add. | ||
|
2 |
The user did not supply a required passphrase. | ||
|
3 |
An identify file could not be found, was not readable, or was in bad format. | ||
|
4 |
The agent does not have the requested identity. | ||
|
5 |
An unspecified error has occurred; this is a catch-all for errors not listed above. |
$HOME/ . ssh/identity
Contains the RSA authentication identity of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file. This is the default file added by ssh-add when no other files have been specified.
If ssh-add needs a passphrase, it will read the passphrase from the current terminal if it was run from a terminal. If ssh-add does not have a terminal associated with it but DISPLAY is set, it will open an X11 window to read the passphrase. This is particularly useful when calling ssh-add from a .Xsession or related script. (Note that on some machines it may be necessary to redirect the input from /dev/null to make this work.)
Tatu Ylonen <ylo@ssh.fi>
ssh-agent(1), ssh-keygen(1), ssh(1), sshd(8)