summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2014-04-16 23:28:13 +0000
committerDamien Miller <djm@cvs.openbsd.org>2014-04-16 23:28:13 +0000
commit95fc77ce75392e98f4e711a04aec882f202ae4b9 (patch)
tree26725e1390254edde1ad894514c4ebfb6e59ef29 /usr.bin/ssh
parent75b886c2f9ed1deb127e6eea756fa41db4651251 (diff)
remove the identity files from this manpage - ssh-agent doesn't deal
with them at all and the same information is duplicated in ssh-add.1 (which does deal with them); prodded by deraadt@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/ssh-agent.153
1 files changed, 16 insertions, 37 deletions
diff --git a/usr.bin/ssh/ssh-agent.1 b/usr.bin/ssh/ssh-agent.1
index 281ecbdcfcd..a1e634fe031 100644
--- a/usr.bin/ssh/ssh-agent.1
+++ b/usr.bin/ssh/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.54 2013/12/07 11:58:46 naddy Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.55 2014/04/16 23:28:12 djm Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 7 2013 $
+.Dd $Mdocdate: April 16 2014 $
.Dt SSH-AGENT 1
.Os
.Sh NAME
@@ -54,9 +54,8 @@
.Nm
is a program to hold private keys used for public key authentication
(RSA, DSA, ECDSA, ED25519).
-The idea is that
.Nm
-is started in the beginning of an X-session or a login session, and
+is usually started in the beginning of an X-session or a login session, and
all other windows or programs are started as clients to the ssh-agent
program.
Through use of environment variables the agent can be located
@@ -64,6 +63,19 @@ and automatically used for authentication when logging in to other
machines using
.Xr ssh 1 .
.Pp
+The agent initially does not have any private keys.
+Keys are added using
+.Xr ssh-add 1 .
+Multiple identities may be stored in
+.Nm
+concurrently and
+.Xr ssh 1
+will automatically use them if present.
+.Xr ssh-add 1
+is also used to remove keys from
+.Nm
+and to query the keys that are held in one.
+.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl a Ar bind_address
@@ -107,29 +119,6 @@ Without this option the default maximum lifetime is forever.
If a commandline is given, this is executed as a subprocess of the agent.
When the command dies, so does the agent.
.Pp
-The agent initially does not have any private keys.
-Keys are added using
-.Xr ssh-add 1 .
-When executed without arguments,
-.Xr ssh-add 1
-adds the files
-.Pa ~/.ssh/id_rsa ,
-.Pa ~/.ssh/id_dsa ,
-.Pa ~/.ssh/id_ecdsa ,
-.Pa ~/.ssh/id_ed25519
-and
-.Pa ~/.ssh/identity .
-If the identity has a passphrase,
-.Xr ssh-add 1
-asks for the passphrase on the terminal if it has one or from a small X11
-program if running under X11.
-If neither of these is the case then the authentication will fail.
-It then sends the identity to the agent.
-Several identities can be stored in the
-agent; the agent can automatically use any of these identities.
-.Ic ssh-add -l
-displays the identities currently held by the agent.
-.Pp
The idea is that the agent is run in the user's local PC, laptop, or
terminal.
Authentication data need not be stored on any other
@@ -185,16 +174,6 @@ The agent exits automatically when the command given on the command
line terminates.
.Sh FILES
.Bl -tag -width Ds
-.It Pa ~/.ssh/identity
-Contains the protocol version 1 RSA authentication identity of the user.
-.It Pa ~/.ssh/id_dsa
-Contains the protocol version 2 DSA authentication identity of the user.
-.It Pa ~/.ssh/id_ecdsa
-Contains the protocol version 2 ECDSA authentication identity of the user.
-.It Pa ~/.ssh/id_ed25519
-Contains the protocol version 2 ED25519 authentication identity of the user.
-.It Pa ~/.ssh/id_rsa
-Contains the protocol version 2 RSA authentication identity of the user.
.It Pa $TMPDIR/ssh-XXXXXXXXXX/agent.\*(Ltppid\*(Gt
.Ux Ns -domain
sockets used to contain the connection to the authentication agent.