Blob
1 .TH SSH-AGENT 12 .SH NAME3 ssh-agent \- SSH authentication agent4 .SH SYNOPSIS5 .B ssh-agent6 [7 .B -l8 ]9 .I factotum-service10 .SH DESCRIPTION11 .I Ssh-agent12 presents13 .IR factotum (4)14 using the interface that15 .IR ssh (1)16 requires.17 .PP18 Once19 .I ssh-agent20 and21 .I factotum22 are running, the standard Unix SSH client23 can use24 .I ssh-agent25 (and, indirectly,26 .IR factotum )27 to authenticate to remote systems using RSA or DSA keys.28 .PP29 .I Ssh30 accesses31 .I ssh-agent32 via a Unix socket named33 .B ssh-agent.socket34 in the name space directory35 (see36 .IR intro (4)).37 Note that although the socket is posted in the name space38 directory, it is not for 9P conversations.39 .I Ssh40 expects the name of this socket to be in the environment as41 .BR $SSH_AGENT_SOCK ,42 and expects the agent to be running with process id43 .BR $SSH_AGENT_PID .44 .I Ssh-agent45 prints shell commands to set these two variables46 before forking itself into the background.47 It is typically invoked inside a shell48 .B eval49 construct; see the examples below.50 The51 .B -e52 option causes53 .I ssh-agent54 to include55 .B export56 commands to put the variables into the environment of future programs.57 .PP58 If the59 .B -l60 option is given,61 .I ssh-agent62 lists the usable63 .I factotum64 keys in the standard SSH format, suitable for creating an65 .B authorized_keys66 file.67 .PP68 .I Ssh-agent69 connects to70 .I factotum71 by accessing72 .I factotum-service73 (default74 .RB ` factotum ')75 in the current name space.76 .PP77 There is a Unix program called78 .I ssh-agent79 that manages SSH keys itself.80 Invoke this one with81 .B 982 .BR ssh-agent ;83 see84 .IR 9 (1).85 .SH EXAMPLES86 Assume87 .IR factotum (4)88 is already running and initialized with keys.89 .PP90 Start a new agent, copying the commands by hand:91 .IP92 .EX93 $ 9 ssh-agent -e94 SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233;95 export SSH_AUTH_SOCK;96 SSH_AGENT_PID=4233;97 export SSH_AGENT_PID;98 $ SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233;99 $ export SSH_AUTH_SOCK;100 $ SSH_AGENT_PID=4233;101 $ export SSH_AGENT_PID;102 $103 .EE104 .PP105 Start the agent from106 .IR sh (1):107 .IP108 .EX109 $ eval `9 ssh-agent -e`110 $111 .EE112 .PP113 Start the agent from114 .IR rc (1):115 .IP116 .EX117 % eval `{9 ssh-agent}118 %119 .EE120 .PP121 Use the agent to connect to a remote system:122 .IP123 .EX124 % ssh tux125 tux% ^D126 %127 .EE128 .SH SOURCE129 .B \*9/src/cmd/auth/ssh-agent.c130 .SH SEE ALSO131 .IR ssh (1),132 .IR rsa (1),133 .IR factotum (4)134 .SH BUGS135 A surprise rather than a bug:136 .I ssh-agent137 connects to factotum on demand, so it can be138 started before139 .I factotum140 is running and need not be restarted just because141 .I factotum142 is.