FreeBSD Man PagesIndex:
[(1)addftinfo(1)
addr2line(1)
afmtodit(1)
alias(1)
alloc(1)
apply(1)
apropos(1)
ar(1)
as(1)
asa(1)
at(1)
atq(1)
atrm(1)
awk(1)
b64decode(1)
b64encode(1)
basename(1)
batch(1)
bc(1)
bdes(1)
bg(1)
biff(1)
bind(1)
bindkey(1)
brandelf(1)
break(1)
breaksw(1)
bsdtar(1)
bsnmpd(1)
bthost(1)
btsockstat(1)
builtin(1)
builtins(1)
bunzip2(1)
byacc(1)
bzcat(1)
bzegrep(1)
bzfgrep(1)
bzgrep(1)
bzip2(1)
c++(1)
c89(1)
c99(1)
cal(1)
calendar(1)
cap_mkdb(1)
case(1)
cat(1)
catman(1)
cc(1)
cd(1)
cdcontrol(1)
chdir(1)
checknr(1)
chflags(1)
chfn(1)
chgrp(1)
chio(1)
chkey(1)
chmod(1)
chpass(1)
chsh(1)
ci(1)
ckdist(1)
cksum(1)
clear(1)
cmp(1)
co(1)
col(1)
colcrt(1)
colldef(1)
colrm(1)
column(1)
comm(1)
command(1)
compile_et(1)
complete(1)
compress(1)
continue(1)
cp(1)
cpio(1)
cpp(1)
crontab(1)
crunchgen(1)
crunchide(1)
crypt(1)
csh(1)
csplit(1)
ctags(1)
ctm(1)
ctm_dequeue(1)
ctm_rmail(1)
ctm_smail(1)
cu(1)
cursor(1)
cut(1)
cvs(1)
date(1)
dc(1)
dd(1)
default(1)
df(1)
dialog(1)
diff(1)
diff3(1)
dig(1)
dirname(1)
dirs(1)
do(1)
domainname(1)
done(1)
dtmfdecode(1)
du(1)
echo(1)
echotc(1)
ed(1)
edit(1)
ee(1)
egrep(1)
elfdump(1)
elif(1)
else(1)
end(1)
endif(1)
endsw(1)
enigma(1)
env(1)
eqn(1)
esac(1)
eval(1)
ex(1)
exec(1)
exit(1)
expand(1)
export(1)
expr(1)
f77(1)
false(1)
fc(1)
fdformat(1)
fdread(1)
fdwrite(1)
fetch(1)
fg(1)
fgrep(1)
fi(1)
file(1)
file2c(1)
filetest(1)
find(1)
finger(1)
flex++(1)
flex(1)
fmt(1)
fold(1)
fontedit(1)
for(1)
foreach(1)
from(1)
fstat(1)
fsync(1)
ftp(1)
g++(1)
g711conv(1)
gate-ftp(1)
gcc(1)
gcore(1)
gcov(1)
gdb(1)
gencat(1)
gensnmptree(1)
getNAME(1)
getconf(1)
getfacl(1)
getopt(1)
getopts(1)
glob(1)
goto(1)
gperf(1)
gprof(1)
grep(1)
grn(1)
grodvi(1)
groff(1)
grog(1)
grolbp(1)
grolj4(1)
grops(1)
grotty(1)
groups(1)
gtar(1)
gunzip(1)
gzcat(1)
gzexe(1)
gzip(1)
hash(1)
hashstat(1)
hd(1)
head(1)
hesinfo(1)
hexdump(1)
history(1)
host(1)
hostname(1)
hpftodit(1)
hup(1)
id(1)
ident(1)
idprio(1)
if(1)
indent(1)
indxbib(1)
info(1)
install-info(1)
install(1)
intro(1)
introduction(1)
ipcrm(1)
ipcs(1)
ipftest(1)
ipnat(1)
ipresend(1)
ipsend(1)
iptest(1)
jobid(1)
jobs(1)
join(1)
jot(1)
kbdcontrol(1)
kbdmap(1)
kcon(1)
kdestroy(1)
kdump(1)
kenv(1)
keylogin(1)
keylogout(1)
kgdb(1)
kill(1)
killall(1)
kinit(1)
klist(1)
kpasswd(1)
krb5-config(1)
ktrace(1)
lam(1)
last(1)
lastcomm(1)
ld-elf.so.1(1)
ld(1)
ld(1)
ldd(1)
leave(1)
less(1)
lesskey(1)
lex++(1)
lex(1)
limit(1)
limits(1)
link(1)
lint(1)
lkbib(1)
ln(1)
loadfont(1)
locale(1)
locate(1)
lock(1)
lockf(1)
log(1)
logger(1)
login(1)
logins(1)
logname(1)
logout(1)
look(1)
lookbib(1)
lorder(1)
lp(1)
lpq(1)
lpr(1)
lprm(1)
lptest(1)
ls-F(1)
ls(1)
lsvfs(1)
m4(1)
mail(1)
mailq(1)
mailx(1)
make(1)
makeinfo(1)
makewhatis(1)
man(1)
manpath(1)
md5(1)
merge(1)
mesg(1)
minigzip(1)
mkdep(1)
mkdir(1)
mkfifo(1)
mklocale(1)
mkstr(1)
mktemp(1)
mmroff(1)
more(1)
mptable(1)
msgs(1)
mt(1)
mv(1)
nawk(1)
nc(1)
ncal(1)
ncplist(1)
ncplogin(1)
ncplogout(1)
neqn(1)
netstat(1)
newaliases(1)
newgrp(1)
nex(1)
nfsstat(1)
nice(1)
nl(1)
nm(1)
nohup(1)
notify(1)
nroff(1)
nslookup(1)
nvi(1)
nview(1)
objcopy(1)
objdump(1)
objformat(1)
od(1)
omshell(1)
onintr(1)
opieinfo(1)
opiekey(1)
opiepasswd(1)
otp-md4(1)
otp-md5(1)
otp-sha(1)
pagesize(1)
passwd(1)
paste(1)
patch(1)
pathchk(1)
pawd(1)
pax(1)
pfbtops(1)
pftp(1)
pgrep(1)
pic(1)
pkg_add(1)
pkg_check(1)
pkg_create(1)
pkg_delete(1)
pkg_info(1)
pkg_sign(1)
pkg_version(1)
pkill(1)
popd(1)
pr(1)
printenv(1)
printf(1)
ps(1)
psroff(1)
pushd(1)
pwd(1)
quota(1)
ranlib(1)
rcp(1)
rcs(1)
rcsclean(1)
rcsdiff(1)
rcsfreeze(1)
rcsintro(1)
rcsmerge(1)
read(1)
readelf(1)
readlink(1)
readonly(1)
realpath(1)
red(1)
ree(1)
refer(1)
rehash(1)
repeat(1)
reset(1)
rev(1)
rfcomm_sppd(1)
rlog(1)
rlogin(1)
rm(1)
rmd160(1)
rmdir(1)
rpcgen(1)
rs(1)
rsh(1)
rtld(1)
rtprio(1)
rup(1)
ruptime(1)
rusers(1)
rwall(1)
rwho(1)
sched(1)
scon(1)
scp(1)
script(1)
sdiff(1)
sed(1)
send-pr(1)
sendbug(1)
set(1)
setenv(1)
setfacl(1)
settc(1)
setty(1)
setvar(1)
sftp(1)
sh(1)
sha1(1)
shar(1)
shift(1)
size(1)
sleep(1)
slogin(1)
smbutil(1)
sockstat(1)
soelim(1)
sort(1)
source(1)
split(1)
sscop(1)
ssh-add(1)
ssh-agent(1)
ssh-keygen(1)
ssh-keyscan(1)
ssh(1)
startslip(1)
stat(1)
stop(1)
strings(1)
strip(1)
stty(1)
su(1)
sum(1)
suspend(1)
switch(1)
systat(1)
tabs(1)
tail(1)
talk(1)
tar(1)
tbl(1)
tcopy(1)
tcpdump(1)
tcpslice(1)
tcsh(1)
tee(1)
telltc(1)
telnet(1)
test(1)
texindex(1)
tfmtodit(1)
tftp(1)
then(1)
time(1)
tip(1)
top(1)
touch(1)
tput(1)
tr(1)
trace(1)
trap(1)
troff(1)
true(1)
truncate(1)
truss(1)
tset(1)
tsort(1)
tty(1)
type(1)
ul(1)
ulimit(1)
umask(1)
unalias(1)
uname(1)
uncomplete(1)
uncompress(1)
unexpand(1)
unhash(1)
unifdef(1)
unifdefall(1)
uniq(1)
units(1)
unlimit(1)
unlink(1)
unset(1)
unsetenv(1)
until(1)
unvis(1)
uptime(1)
usbhidaction(1)
usbhidctl(1)
users(1)
uudecode(1)
uuencode(1)
uuidgen(1)
vacation(1)
vgrind(1)
vi(1)
vidcontrol(1)
vidfont(1)
view(1)
vis(1)
vt220keys(1)
vttest(1)
w(1)
wait(1)
wall(1)
wc(1)
what(1)
whatis(1)
where(1)
whereis(1)
which(1)
while(1)
who(1)
whoami(1)
whois(1)
window(1)
write(1)
xargs(1)
xstr(1)
yacc(1)
yes(1)
ypcat(1)
ypchfn(1)
ypchpass(1)
ypchsh(1)
ypmatch(1)
yppasswd(1)
ypwhich(1)
yyfix(1)
zcat(1)
zcmp(1)
zdiff(1)
zegrep(1)
zfgrep(1)
zforce(1)
zgrep(1)
zmore(1)
znew(1)
ssh-agent(1)
NAME
ssh-agent -- authentication agent
SYNOPSIS
ssh-agent [-a bind_address] [-c | -s] [-t life] [-d] [command [args ...]]
ssh-agent [-c | -s] -k
DESCRIPTION
ssh-agent is a program to hold private keys used for public key authenti-
cation (RSA, DSA). The idea is that ssh-agent is started in the begin-
ning of an X-session or a login session, and all other windows or pro-
grams are started as clients to the ssh-agent program. Through use of
environment variables the agent can be located and automatically used for
authentication when logging in to other machines using ssh(1).
The options are as follows:
-a bind_address
Bind the agent to the unix-domain socket bind_address. The
default is /tmp/ssh-XXXXXXXX/agent.<ppid>.
-c Generate C-shell commands on stdout. This is the default if
SHELL looks like it's a csh style of shell.
-s Generate Bourne shell commands on stdout. This is the default if
SHELL does not look like it's a csh style of shell.
-k Kill the current agent (given by the SSH_AGENT_PID environment
variable).
-t life
Set a default value for the maximum lifetime of identities added
to the agent. The lifetime may be specified in seconds or in a
time format specified in sshd(8). A lifetime specified for an
identity with ssh-add(1) overrides this value. Without this
option the default maximum lifetime is forever.
-d Debug mode. When this option is specified ssh-agent will not
fork.
If a commandline is given, this is executed as a subprocess of the agent.
When the command dies, so does the agent.
The agent initially does not have any private keys. Keys are added using
ssh-add(1). When executed without arguments, ssh-add(1) adds the files
$HOME/.ssh/id_rsa, $HOME/.ssh/id_dsa and $HOME/.ssh/identity. If the
identity has a passphrase, ssh-add(1) asks for the passphrase (using a
small X11 application if running under X11, or from the terminal if run-
ning without X). It then sends the identity to the agent. Several iden-
tities can be stored in the agent; the agent can automatically use any of
these identities. ssh-add -l displays the identities currently held by
the agent.
The idea is that the agent is run in the user's local PC, laptop, or ter-
minal. Authentication data need not be stored on any other machine, and
authentication passphrases never go over the network. However, the con-
nection to the agent is forwarded over SSH remote logins, and the user
agent.
The agent will never send a private key over its request channel.
Instead, operations that require a private key will be performed by the
agent, and the result will be returned to the requester. This way, pri-
vate keys are not exposed to clients using the agent.
A unix-domain socket is created and the name of this socket is stored in
the SSH_AUTH_SOCK environment variable. The socket is made accessible
only to the current user. This method is easily abused by root or
another instance of the same user.
The SSH_AGENT_PID environment variable holds the agent's process ID.
The agent exits automatically when the command given on the command line
terminates.
FILES
$HOME/.ssh/identity
Contains the protocol version 1 RSA authentication identity of
the user.
$HOME/.ssh/id_dsa
Contains the protocol version 2 DSA authentication identity of
the user.
$HOME/.ssh/id_rsa
Contains the protocol version 2 RSA authentication identity of
the user.
/tmp/ssh-XXXXXXXX/agent.<ppid>
Unix-domain sockets used to contain the connection to the authen-
tication agent. These sockets should only be readable by the
owner. The sockets should get automatically removed when the
agent exits.
SEE ALSO
ssh(1), ssh-add(1), ssh-keygen(1), sshd(8)
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by
Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
de Raadt and Dug Song removed many bugs, re-added newer features and cre-
ated OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
FreeBSD 5.4 September 25, 1999 FreeBSD 5.4
SPONSORED LINKS
Man(1) output converted with man2html , sed , awk