ssh-add 命令

常用示例

说明

ssh-add adds private key identities to the ssh-agent authentication agent. Without arguments, it attempts to add ~/.ssh/id_rsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519, and corresponding FIDO keys. Once keys are added to the agent, SSH can authenticate without requiring the passphrase for each connection. The agent must be running and the SSH_AUTH_SOCK environment variable must be set. If a key requires a passphrase, ssh-add prompts from the terminal. The SSH_ASKPASS environment variable can specify a graphical password prompt program.

参数

-l

List fingerprints of all identities in the agent

-L

List public key parameters of all identities

-d

Remove specified identity from the agent

-D

Remove all identities from the agent

-t _life_

Set maximum lifetime for added keys (in seconds or sshd_config time format)

-x

Lock the agent with a password

-X

Unlock the agent

-k

Process plain private keys only; skip certificates

-K

Load resident keys from a FIDO authenticator

-c

Require confirmation before using the key

-q

Suppress output after successful operations

-E _hash_

Specify fingerprint hash algorithm (md5 or sha256)

-s _pkcs11_

Add keys from a PKCS#11 shared library

-e _pkcs11_

Remove keys provided by a PKCS#11 shared library

-T _pubkey_

Test whether private keys are usable by performing sign and verify

-v

Verbose mode for debugging