ssh-add2(1)ssh-add2(1)NAME
ssh-add2, ssh-add - Adds private keys into the authentication agent
SYNOPSIS
ssh-add2 [-p] [-l] [-N] [-P] [-I] [-d] [-D] [-L] [-U] [-1] [-u] [-f
forwarding_steps] [-F forwarding_constraint] [-t timeout] [-R
OpenPGP_keyring] [file . . .]
OPTIONS
Reads passphrase from stdin (or pipe). Lists all identities currently
represented by the agent. Keys added or deleted are stored in the
OpenPGP key ring and identified by the key name string. Keys added or
deleted are stored in the OpenPGP key ring and identified by the key
fingerprint. Keys added or deleted are stored in the OpenPGP key ring
and identified by the key ID number. Removes the identity from the
agent. Deletes all identities from the agent. Temporarily locks the
agent with a password. Unlocks the locked agent. The password given
when the agent was locked must be used to unlock. Specifies that the
agent is not allowed to use keys added with this command in ssh1 com‐
patibility operations. Specifies that the keys added are not read from
the file; instead, the keys are given to the agent as a URL. With this
option, the agent can get information about the additional key sources,
like smart cards. Specifies that the key can be used only through as
many forwarding steps as directed by the argument. Argument 0 states
that the key can be used only locally. Be aware that ssh1 does not sub‐
mit forwarding information; therefore, this option might not work as
expected with ssh1 compatibility. Specifies a comma-separated list of
host name patterns through which the key can be forwarded. For exam‐
ple, the forwarding constraint string of *.ssh.com,rinne.iki.fi states
that the key can be forwarded to any host in domain ssh.com and host
rinne.iki.fi and used locally. Be aware that ssh1 does not submit for‐
warding information; therefore, this option might not work as expected
with ssh1 compatibility. Specifies the amount of time (in minutes)
that the agent will wait before deleting the key. Specifies the
OpenPGP secret key ring file.
DESCRIPTION
The ssh-add2 command adds private keys into the ssh-agent2 authentica‐
tion agent. The authentication agent must be running and must be an
ancestor of the current process.
If a private key requires a passphrase, the ssh-add2 command prompts
the user for the passphrase. If the -p option is given, the passphrase
is read from stdin. If X11 is used (i.e., if the DISPLAY environment
variable is set to a valid value), the passphrase is requested using a
small X11 program. Otherwise, it is read from the user's tty. (When
using X11, it may be necessary to call ssh-add2 with '< /dev/null' to
activate the prompting window.)
If the user is using a terminal, the passphrase is requested in the
terminal window. If the user is using X11, the passphrase is requested
in an X11 window. This feature is useful when calling the ssh-add2 com‐
mand from an or a related script. It might be necessary to redirect
input from /dev/null to get the passphrase requested using X11.
EXIT STATUS
The ssh-add2 command returns one of the following exit values. These
can be useful in scripts. The requested operation was performed suc‐
cessfully. No connection could be made to the authentication agent.
Presumably there is no authentication agent active in the execution
environment of the ssh-add2 command. The user did not supply a
required passphrase. An identity file could not be found, was not
readable, or was in bad format. The agent does not have the requested
identity. An unspecified error has occurred; this is for errors not
listed previously.
FILES
Contains the names of the private keys to be used in authentication.
Contains a user's private key. Contains standard private and public
key files.
LEGAL NOTICES
SSH is a registered trademark of SSH Communication Security Ltd.
SEE ALSO
Commands: ssh2(1), ssh-agent2(1), ssh-keygen2(1), sshd2(8)ssh-add2(1)
