Using the SSH_ADD Utility
» Table of Contents |  |  | » Glossary | | | » Index | | |
| | |
| ||
| ||
The SSH_ADD utility adds private keys into the authentication agent. The authentication agent must have been started, usually with the SSH_AGENT utility, and must be running in a subprocess of the current process.
If a private key requires a passphrase, the SSH_ADD utility prompts you to enter it. Passphrases never go over the network.
For SSH_ADD to process a key, both the private and public key files must be present in the same directory. On OpenVMS, a public key file name must have the file extension .PUB (for example, MYKEY.PUB). A private key file name has no file extension (for example, MYKEY.).
The files... parameter specifies one or more public or private key files to load. If you do not specify any key files, SSH_ADD reads the client configuration file (SSH2_CONFIG.) and the IDENTIFICATION. file. If these files do not exist, SSH_ADD exits with an error message. SSH_ADD adds the keys listed in the IDENTIFICATION. file. The utility then adds any private key files it finds in the user's SSH directory. Note that any file names in the SSH directory that begin with the letters "id" and that do not have the file extension .PUB are assumed to be key files. For example, a file named id_22.txt causes SSH_ADD to fail.
Table 7–5 describes the options you can use with the SSH_ADD command.
Table 7-5 SSH_ADD Command Options
| Options | Description |
|---|---|
| -l | Lists all identities currently represented by the agent. |
| -d | Removes the identity from the agent. |
| -D | Deletes all identities from the agent. |
SSH_ADD returns one of the following exit codes in the case of an error:
| TCPIP$_SSH_ADD2_EXIT_NOAGENT -- No connection could be made to the authentication agent. Presumably there is no authentication agent active in the execution environment of the SSH_ADD utility. |
| TCPIP$_SSH_ADD2_EXIT_BADPASS -- The user did not supply a required passphrase. |
| TCPIP$_SSH_ADD2_EXIT_NOFILE -- An identity file could not be found, was unreadable, or was in the wrong format. |
| TCPIP$_SSH_ADD2_EXIT_NOIDENTITY -- The agent does not have the requested identity. |
| TCPIP$_SSH_ADD2_EXIT_ERROR -- An unspecified error has occurred. |
In this example, the SSH_AGENT is not running:
$ SSH_ADD Failed to connect to authentication agent -- agent not running? %TCPIP-E-SSH_ADD2_EXIT_N, no connection could be made to the authentication agent
In this example, SSH_ADD adds the keys it finds in the IDENTIFICATION. file:
$ SSH_ADD Unable to open ssh2/ssh2_config Unable to open ssh2/identification Adding identity: ssh2/id_dsa_1024_a.pub Need passphrase for "ssh2/id_dsa_1024_a." (1024-bit dsa, kathy@host.computer.com, Mon Aug 11 2003 15:39:46). Enter passphrase: