Contents of /keychain/keychain.1

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.3 - (show annotations) (download)
Wed Apr 21 22:41:13 2004 UTC (16 years, 5 months ago) by agriffis
Branch: MAIN
Changes since 1.2: +0 -0 lines
finally commit my keychain changes... version 2.2.0

1 .TH "KEYCHAIN" "1" "Mar 2003" "Keychain 2.0.3" "keychain"
2 .SH "NAME"
3 keychain \- a program designed to keep ssh-agent processes alive across multiple logins.
5 .BI "keychain [" options "] [" keys... ]
7 .BR keychain (1)
8 is an OpenSSH key manager, typically run from ~/.bash_profile. When run, it
9 will make sure ssh-agent is running; if not, it will start ssh-agent. It
10 will redirect ssh-agent's output to ~/.keychain/[hostname]-sh, so that cron
11 jobs that need to use ssh-agent keys can simply source this file and make the
12 necessary passwordless ssh connections. In addition, when keychain runs, it
13 will check with ssh-agent and make sure that the ssh RSA/DSA keys that you
14 specified on the keychain command line have actually been added to ssh-agent.
15 If not, you are prompted for the appropriate passphrases so that they can be
16 added by keychain.
17 .SH "USAGE"
18 Typically, one uses keychain by adding the following to the top of their ~/.bash_profile (or ~/.zlogin, in case of zsh):
19 .PP
20 keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
21 .br
22 . ~/.keychain/${HOSTNAME}-sh
23 .PP
24 # alt. syntax: . ~/.keychain/`uname -n`-sh
25 .br
26 # note the use of back-quotes (`) rather than single-quotes (') above.
27 .br
28 # We now include the hostname (`uname -n`) in the keychain filename
29 .br
30 # for NFS-compatibility.
31 .PP
32 You can make keychain work with your csh-compatible shell by adding the following to your .cshrc:
33 .PP
34 keychain ~/.ssh/id_rsa ~/.ssh/id_dsa
35 .br
36 source ~/.keychain/${HOSTNAME}-csh
37 .PP
38 Keychain allows all your apps and cron jobs to use a single ssh-agent process as an authentication agent. By default, the ssh-agent started by keychain is long-running and will continue to run, even after you have logged out from the system. If you'd like to tighten up security a bit, take a look at the --clear option, described below.
40 .TP
41 .B "\-\-clear"
42 Tells keychain to delete all of ssh-agent's host keys. Typically, This is used in the ~/.bash_profile. The theory behind this is that keychain should assume that you are an intruder until proven otherwise. However, while this option increases security, it still allows your cron jobs to use your ssh keys when you're logged out.
43 .TP
44 .B "\-\-dir [directoryname]"
45 Keychain will look in \fB[directoryname]\fR for the .keychain file, rather than your home directory.
46 .TP
47 .B "\-\-noask"
48 This option tells keychain do everything it normally does (ensure ssh-agent is running, set up the ~/.keychain/[hostname]-{c}sh files) except that it will not prompt you to add any of the keys you specified if they haven't yet been added to ssh-agent.
49 .TP
50 .B "\-\-nocolor"
51 This option disables color highlighting for non vt-100-compatible terms.
52 .TP
53 .B "\-\-stop, \-k"
54 This option tells keychain to stop all running ssh-agent processes, and then exit.
55 .TP
56 .B "\-\-quiet, \-q"
57 This option tells keychain to turn off verbose mode and only print error messages and interactive messages. This is useful for login scripts etc.
58 .SH "BUGS"
59 On some UNIX systems, keychain conflicts with the gnome session manager, which attempts to start an ssh-agent process of its own. This is fixed by modifying the global gnomerc file to use keychain as its ssh-agent instead of ssh-agent itself.
60 .PP
61 Please submit any
62 .BR keychain (1)
63 bugs to http://bugs.gentoo.org/ under Gentoo Hosted Projects.
65 Original Author: Daniel Robbins <drobbins@gentoo.org>
66 .br
67 Current Maintainer: Seth Chandler <sethbc@gentoo.org>
69 .BR ssh-agent (1)

  ViewVC Help
Powered by ViewVC 1.1.20