.\" -*- nroff -*- .\" .\" ssh-add2.1 .\" .\" Author: Tatu Ylonen .\" Markku-Juhani Saarinen .\" .\" Copyright (c) 1997, 2000, 2002 SSH Communications Security Corp, Finland .\" All rights reserved .\" .TH SSH-ADD2 1 "May 16, 2002" "SSH2" "SSH2" .SH NAME ssh-add2 \- adds identities for the authentication agent .SH SYNOPSIS .B ssh-add2 [\c .B \-p\ ] [\c .B \-l\ ] [\c .B \-N\ ] [\c .B \-P\ ] [\c .B \-I\ ] [\c .B \-d\c ] [\c .B \-D\c ] [\c .B \-L\c ] [\c .B \-U\c ] [\c .B \-1\c ] [\c .B \-u\c ] [\c .B \-f forwarding steps\c ] [\c .B \-F forwarding constraint\c ] [\c .B \-t key timeout in minutes\c ] [\c .B \-R OpenPGP key ring\c ] [\c .B files\c \&.\|.\|.\|] .SH DESCRIPTION .LP .B ssh-add2 adds identities to the authentication agent, .B ssh-agent2. If a file requires a passphrase, .B ssh-add2 asks the user for the passphrase. If the -p option is given, the passphrase is read from stdin. If X11 is used (ie. if the DISPLAY environment variable is set to a valid value), the passphrase is requested using a small X11 program. Otherwise, it is read from the user's tty. (Note: When using X11, it may be necessary to call .B ssh-add2 with '< /dev/null' to activate the prompting window.) .LP The authentication agent must be running and must be an ancestor of the current process for .B ssh-add2 to work. .SH OPTIONS .TP 0.5i .B \-p Read passphrase from stdin (possibly over a pipe). .TP .B \-l List all identities currently represented by the agent. .TP .B \-N Keys added/deleted are stored in the OpenPGP key ring and identified by key name string. .TP .B \-P Keys added/deleted are stored in the OpenPGP key ring and identified by key fingerprint. .TP .B \-I Keys added/deleted are stored in the OpenPGP key ring and identified by key id. .TP .B \-d Instead of adding the identity, remove the identity from the agent. .TP .B \-D Delete all identities from the agent. .TP .B \-L Temporarily lock the agent with a password. .TP .B \-U Unlock the locked agent. The password given when the agent was locked must be used to unlock. .TP .B \-1 The agent is not allowed to use keys added with this command in ssh1 compatibility operations. .TP .B \-u The keys added are not read from the file, but instead the key is given to the agent as a URL. This way the agent can access additional key sources like smart cards. .TP .BI \-f \ forwarding_steps The key can be used only through as many forwarding steps as directed by the argument. Argument 0 states that the key can only be used locally. Note that ssh1 does not submit forwarding information, so with ssh1 compatibility, this constraint may not work as expected. .TP .BI \-F \ forwarding_constraint The argument is a comma-separated list of host name patterns through which the key can be forwarded. For example, the constraint string "*.ssh.com,rinne.iki.fi" states that the key can be forwarded to any host in domain .I ssh.com and also to host .I rinne.iki.fi as well as used locally. Be aware that ssh1 does not submit forwarding information, so with ssh1 compatibility, this constraint may not work as expected. .TP .BI \-t \ timeout Agent must delete the key after \fItimeout\fR. Timeout is given in minutes. .TP .BI \-R \ openpgp_key_ring Use a specific OpenPGP secret key ring. .SH RETURN STATUS .B ssh-add2 returns one of the following exit codes. These may be useful in scripts. .IP 0 The requested operation was performed successfully. .IP 1 No connection could be made to the authentication agent. Presumably there is no authentication agent active in the execution environment of .B ssh-add2. .IP 2 The user did not supply a required passphrase. .IP 3 An identify file could not be found, is unreadable, or contains errors. .IP 4 The agent does not have the requested identity. .IP 5 None of the above. .RT .SH FILES .TP .I \&$HOME/\s+2.\s0ssh2/identification Contains names of the private keys that are to be used in authentication. See .BR ssh2 (1) for more information. .TP .I \&$HOME/\s+2.\s0ssh2/id_KEYTYPE_KEYLEN_X .TP .I \&$HOME/\s+2.\s0ssh2/id_KEYTYPE_KEYLEN_X.pub Standard private and public identification key files. .SH AUTHORS .LP SSH Communications Security Corp. For more information, see http://www.ssh.com. .SH SEE ALSO .BR ssh-agent2 (1), .BR ssh-keygen2 (1), .BR ssh2 (1), .BR sshd2 (8)