[Synopsis ] [Description ] [Options ] [Return status ] [Files ] [Authors ] [See also ]

ssh-add - adds identities for the authentication agent


ssh-add [-l] [-d] [-D] [file...]


Ssh-add adds identities to the authentication agent, ssh-agent. When run without arguments, it adds the file %HOME%/.ssh/identity. Alternative file names can be given on the command line. If any file requires a passphrase, ssh-add asks for the passphrase from the user.

The authentication agent must be running and must be an ancestor of the current process for ssh-add to work.


Lists all identities currently represented by the agent.
Instead of adding the identity, removes the identity from the agent.
Deletes all identities from the agent.

Return status

Ssh-add returns one of the following exit statuses. These may be useful in scripts.

The requested operation was performed successfully.
No connection could be made to the authentication agent. Presumably there is no authentication agent active in the execution environment of ssh-add.
The user did not supply a required passphrase.
An identify file could not be found, was not read­ able, or was in bad format.
The agent does not have the requested identity.
An unspecified error has occurred; this is a catchall for errors not listed above.


Contains the RSA authentication identity (public key) of the user. This file should not be readable by anyone but the user. It is possible to specify a passphrase when generating the key; that passphrase will be used to encrypt the private part of this file. This is the default file added by ssh-add when no other files have been specified.

If ssh-add needs a passphrase, it will read the passphrase from the current session if it was not started as a detached process.


Tatu Ylönen <ylo@cs.hut.fi>;
OS/2 adaptation by Hans-Michael Stahl <hmstahl@berlin.snafu.de>

See also

ssh-agent, ssh-keygen, ssh, sshd
Last update: 13 January 1997 by hmstahl@berlin.snafu.de