ssh-agent man page on Ultrix

Man page or keyword search:  
man Server   3690 pages
apropos Keyword Search (all sections)
Output format
Ultrix logo
[printable version]

SSH-AGENT(1)			      SSH			  SSH-AGENT(1)

NAME
       ssh-agent - authentication agent

SYNOPSIS
       ssh-agent command

       eval `ssh-agent [-k] [-s] [-c]`

DESCRIPTION
       Ssh-agent  is  a program to hold authentication private keys.  The idea
       is that ssh-agent is started in the beginning  of  an  X-session	 or  a
       login  session,	and all other windows or programs are started as chil‐
       dren of the ssh-agent program (the command normally starts X or is  the
       user  shell).  Programs started under the agent inherit a connection to
       the agent, and the agent is automatically used for  RSA	authentication
       when logging to other machines using ssh.

       If  the ssh-agent is started without any arguments (no command) it will
       fork and start agent as background process. The agent also prints  com‐
       mand  that can be evaluated in sh or csh like shells, that will set the
       SSH_AUTH_SOCK   and   SSH_AGENT_PID   environment    variables.	   The
       SSH_AGENT_PID  environment variable can be used to kill agent away when
       it is no longer needed (you logout from X-session etc). If  no  options
       are given the ssh-agent uses SHELL environment variable the detect what
       kind of shell you have (*csh or sh-style shell).	 The  -c  option  will
       force csh-style shell, and -s option will force sh-style shell.

       Note  that in SysV variants (at least IRIX and Solaris) the environment
       variable SHELL might not contain the actual value of the shell  execut‐
       ing  the	 evaluation.  If ALTSHELL is set to YES in /etc/default/login,
       the SHELL environment variable is set to the login shell of the user.

       The -k option can be used to kill agent	automatically.	It  kills  the
       agent  (it uses the SSH_AGENT_PID to find it) and prints shell commands
       to stdout that will unset the SSH_AUTH_SOCKET and SSH_AGENT_PID enviro‐
       ment variables.

       The  agent  initially  does  not have any private keys.	Keys are added
       using ssh-add.  When  executed  without	arguments,  ssh-add  adds  the
       $HOME/.ssh/identity  file.   If	the identity has a passphrase, ssh-add
       asks for the passphrase (using a small X11 application if running under
       X11,  or	 from  the  terminal if running without X).  It then sends the
       identity to the agent.  Several identities can be stored in the	agent;
       the  agent  can	automatically use any of these identities.  Ssh-add -l
       displays the identities currently held by the agent.

       The idea is that the agent is run in the user's local  PC,  laptop,  or
       terminal.  Authentication data need not be stored on any other machine,
       and authentication passphrases never go over the network.  However, the
       connection  to  the  agent is forwarded over ssh remote logins, and the
       user can thus use the privileges given by the  identities  anywhere  in
       the network in a secure way.

       A  connection  to  the  agent  is inherited by child programs.  A unix-
       domain socket is created (/tmp/ssh-$USER/ssh-<pid>-agent), where the %d
       is  the	process id of the listener (agent or sshd proxying the agent).
       The name of this socket is  stored  in  the  SSH_AUTH_SOCK  environment
       variable.   The	socket	is  made  accessible only to the current user.
       This method is easily abused by root or another instance	 of  the  same
       user.  Older  versions  of ssh used inherited file descriptors for con‐
       tacting the agent and used the unix-domain sockets in  an  incompatible
       way.

       If  the command is given as argument to ssh-agent the agent exits auto‐
       matically when the command given on the command line  terminates.   The
       command	is  executed even if agent fails to start it's key-storing and
       challenge-processing services.

FILES
       $HOME/.ssh/identity
	      Contains the RSA authentication identity of the user.  This file
	      should  not  be readable by anyone but the user.	It is possible
	      to specify a passphrase when generating the key; that passphrase
	      will  be	used  to  encrypt the private part of this file.  This
	      file is not used by ssh-agent, but  is  normally	added  to  the
	      agent using ssh-add at login time.

       /tmp/ssh-$USER/ssh-<pid>-agent
	      Unix-domain  sockets  used  to  contain  the  connection	to the
	      authentication agent.  These sockets should only be readable  by
	      the  owner.   The	 sockets should get automatically removed when
	      the agent exits. The parent directory  of	 ssh-$USER  must  have
	      it's sticky bit set.

AUTHOR
       Tatu Ylonen <ylo@ssh.fi>

SEE ALSO
       ssh-add(1), ssh-keygen(1), ssh(1), sshd(8)

SSH			       November 8, 1995			  SSH-AGENT(1)
[top]

List of man pages available for Ultrix

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net