[Contents] [Index]

About This Document>>     Introduction to SSH Secure Shell >>     Configuring SSH Secure Shell >>     Authentication >>     Log Messages >>     Using SSH Secure Shell >>         Using the Secure Shell Server Daemon (sshd2)>>         Using the Secure Shell Client (ssh2)>>         Using Secure Copy (scp2)         Using Secure File Transfer (sftp2)         Using Authentication Agent (ssh-agent2, ssh-add2)     Tool Syntax>>     Technical Specifications >>

Using Authentication Agent (ssh-agent2, ssh-add2)

Ssh-agent2 is a program to hold private keys for authentication. With the Ssh-add2 command, you can add identities to the authentication agent. When you use the authentication agent, it will automatically be used for public-key authentication. This way, you only have to type the passphrase of your private key once to the agent. Authentication data does not have to be stored on any other machine than the local machine, and authentication passphrases or private keys never go over the network.

Start ssh-agent2 with the command

eval `ssh-agent2`

or with the command

exec ssh-agent $SHELL

After that, you can add identities like this:

% ssh-add2 id_dsa_1024_a
Adding identity: id_dsa_1024_a
Need passphrase for id_dsa_1024_a (1024-bit dsa,
      user@localhost, Tue Aug 01 2000 19:41:42).
Enter passphrase: 

When you connect to a remote host and use public-key authentication, you will get straight in.

If you want the connection to the agent to be forwarded over ssh remote logins, you should have this line in your /etc/ssh2/sshd2_config file:

AllowAgentForwarding            yes

The ssh-agent2 and ssh-add2 command-line options are documented in detail on the ssh-agent2(1) and ssh-add2(1) manual pages.