1ssh-agent(1)                     User Commands                    ssh-agent(1)
2
3
4

NAME

6       ssh-agent - authentication agent
7

SYNOPSIS

9       ssh-agent [-a bind_address] [-c | -s ] [-d]
10            [-t life] [command [args]...]
11
12
13       ssh-agent [-c | -s] -k
14
15

DESCRIPTION

17       ssh-agent is a program to hold private keys used for public key authen‐
18       tication (RSA, DSA). ssh-agent is often started at the beginning  of  a
19       login  session. All other windows or programs are started as clients to
20       the ssh-agent program. Through use of environment variables, the  agent
21       can  be  located and automatically used for authentication when logging
22       in to other machines using ssh(1). See the System Administration Guide:
23       Security Services.
24
25
26       If  a  command  line  is given, this is executed as a subprocess of the
27       agent. When the command dies, so does the agent.
28
29
30       The agent initially does not have any  private  keys.  Keys  are  added
31       using  ssh-add(1), which sends the identity to the agent. Several iden‐
32       tities can be stored in the agent; the agent can automatically use  any
33       of  these  identities.  Use  the -l option in ssh-add(1) to display the
34       identities currently held by the agent.
35
36
37       The agent is run in the user's local host. Authentication data need not
38       be stored on any other machine, and authentication passphrases never go
39       over the network. However, if the connection to the agent is  forwarded
40       over  SSH  remote  logins, the user can use the privileges given by the
41       identities anywhere in the network in a secure way.
42
43
44       There are two main ways to get an agent setup. Either you let the agent
45       start  a  new  subcommand  into  which  some  environment variables are
46       exported, or you let the agent print the needed shell commands  (either
47       sh(1)  or  csh(1)  syntax can be generated) which can be evalled in the
48       calling shell. Later, use ssh(1) to look at  these  variables  and  use
49       them to establish a connection to the agent.
50
51
52       A  unix-domain  socket is created (/tmp/ssh-XXXXXXXX/agent.pid) and the
53       name of this socket is stored in the  SSH_AUTH_SOCK  environment  vari‐
54       able.  The  socket  is  made  accessible only to the current user. This
55       method is easily abused by root or another instance of the same user.
56
57
58       The SSH_AGENT_PID environment variable holds the agent's PID.
59
60
61       The agent exits automatically when the command  given  on  the  command
62       line terminates.
63

OPTIONS

65       The following options are supported:
66
67       -a bind_address    Binds   the   agent   to   the   unix-domain  socket
68                          bind_address.    The    default     is     /tmp/ssh-
69                          XXXXXXXX/agent.pid.
70
71
72       -c                 Generates  C-shell  commands  on stdout. This is the
73                          default if SHELL indicates that it is a csh style of
74                          shell.
75
76
77       -d                 Debug mode. When this option is specified, ssh-agent
78                          does not fork.
79
80
81       -k                 Kills the current agent (given by the  SSH_AGENT_PID
82                          environment variable).
83
84
85       -s                 Generates  Bourne  shell commands on stdout. This is
86                          the default if SHELL does not indicate that it is  a
87                          csh style of shell.
88
89
90       -t life            Set  a default value for the maximum lifetime (life)
91                          of identities added to the agent. life can be speci‐
92                          fied  in  seconds  or  in a time format specified in
93                          sshd_config(4). life specified for an identity  with
94                          ssh-add(1) overrides this value. Without this option
95                          the default maximum life is forever.
96
97

EXIT STATUS

99       The following exit values are returned:
100
101       0    Successful completion.
102
103
104       1    An error occurred.
105
106

FILES

108       /tmp/ssh-XXXXXXXX/agent.pid
109
110           Unix-domain sockets used to contain the connection to the authenti‐
111           cation  agent.  These sockets should only be readable by the owner.
112           The sockets are removed when the agent exits.
113
114

ATTRIBUTES

116       See attributes(5) for descriptions of the following attributes:
117
118
119
120
121       ┌─────────────────────────────┬─────────────────────────────┐
122       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
123       ├─────────────────────────────┼─────────────────────────────┤
124       │Availability                 │SUNWsshu                     │
125       ├─────────────────────────────┼─────────────────────────────┤
126       │Interface Stability          │Committed                    │
127       └─────────────────────────────┴─────────────────────────────┘
128

SEE ALSO

130       ssh(1),   ssh-add(1),    ssh-keygen(1),    sshd(1M),    sshd_config(4),
131       attributes(5)
132
133
134       System Administration Guide: Security Services
135
136
137
138SunOS 5.11                        17 Aug 2009                     ssh-agent(1)
Impressum