Provided by: openssh-client_7.2p2-4ubuntu2.10_amd64 bug

NAME
       ssh-add — adds private key identities to the authentication agent


SYNOPSIS
       ssh-add [-cDdkLlXx] [-E fingerprint_hash] [-t life] [file ...]
       ssh-add -s pkcs11
       ssh-add -e pkcs11


DESCRIPTION
       ssh-add  adds  private  key  identities  to  the  authentication  agent,  ssh-agent(1).  When run without
       arguments, it  adds  the  files  ~/.ssh/id_rsa,  ~/.ssh/id_dsa,  ~/.ssh/id_ecdsa,  ~/.ssh/id_ed25519  and
       ~/.ssh/identity.   After  loading  a  private  key,  ssh-add  will  try to load corresponding certificate
       information from the filename obtained by appending -cert.pub to  the  name  of  the  private  key  file.
       Alternative file names can be given on the command line.

       If any file requires a passphrase, ssh-add asks for the passphrase from the user.  The passphrase is read
       from the user's tty.  ssh-add retries the last passphrase if multiple identity files are given.

       The authentication agent must be running and the SSH_AUTH_SOCK environment variable must contain the name
       of its socket for ssh-add to work.

       The options are as follows:

       -c      Indicates  that  added  identities  should  be  subject  to  confirmation  before  being used for
               authentication.   Confirmation  is  performed  by  ssh-askpass(1).   Successful  confirmation  is
               signaled by a zero exit status from ssh-askpass(1), rather than text entered into the requester.

       -D      Deletes all identities from the agent.

       -d      Instead of adding identities, removes identities from the agent.  If ssh-add has been run without
               arguments,  the  keys  for  the  default  identities and their corresponding certificates will be
               removed.  Otherwise, the argument list will be interpreted as a list of paths to public key files
               to specify keys and certificates to be removed from the agent.  If no public key is  found  at  a
               given path, ssh-add will append .pub and retry.

       -E fingerprint_hash
               Specifies the hash algorithm used when displaying key fingerprints.  Valid options are: “md5” and
               “sha256”.  The default is “sha256”.

       -e pkcs11
               Remove keys provided by the PKCS#11 shared library pkcs11.

       -k      When  loading keys into or deleting keys from the agent, process plain private keys only and skip
               certificates.

       -L      Lists public key parameters of all identities currently represented by the agent.

       -l      Lists fingerprints of all identities currently represented by the agent.

       -s pkcs11
               Add keys provided by the PKCS#11 shared library pkcs11.

       -t life
               Set a maximum lifetime when adding identities to an agent.  The  lifetime  may  be  specified  in
               seconds or in a time format specified in sshd_config(5).

       -X      Unlock the agent.

       -x      Lock the agent with a password.


ENVIRONMENT
       DISPLAY and SSH_ASKPASS
               If  ssh-add  needs  a passphrase, it will read the passphrase from the current terminal if it was
               run from a terminal.  If ssh-add does not have a terminal associated  with  it  but  DISPLAY  and
               SSH_ASKPASS  are  set,  it  will  execute  the  program  specified  by  SSH_ASKPASS  (by  default
               “ssh-askpass”) and open an X11 window to read the passphrase.  This is particularly  useful  when
               calling  ssh-add  from  a  .xsession  or  related  script.  (Note that on some machines it may be
               necessary to redirect the input from /dev/null to make this work.)

       SSH_AUTH_SOCK
               Identifies the path of a Unix-domain socket used to communicate with the agent.


FILES
       ~/.ssh/identity
               Contains the protocol version 1 RSA authentication identity of the user.

       ~/.ssh/id_dsa
               Contains the protocol version 2 DSA authentication identity of the user.

       ~/.ssh/id_ecdsa
               Contains the protocol version 2 ECDSA authentication identity of the user.

       ~/.ssh/id_ed25519
               Contains the protocol version 2 Ed25519 authentication identity of the user.

       ~/.ssh/id_rsa
               Contains the protocol version 2 RSA authentication identity of the user.

       Identity files should not be readable by anyone but the user.  Note that ssh-add ignores  identity  files
       if they are accessible by others.


EXIT STATUS
       Exit  status is 0 on success, 1 if the specified command fails, and 2 if ssh-add is unable to contact the
       authentication agent.


SEE ALSO
       ssh(1), ssh-agent(1), ssh-askpass(1), ssh-keygen(1), sshd(8)


AUTHORS
       OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen.  Aaron Campbell,  Bob
       Beck,  Markus Friedl, Niels Provos, Theo de Raadt and Dug Song removed many bugs, re-added newer features
       and created OpenSSH.  Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0.

Debian                                           March 30, 2015                                       SSH-ADD(1)