The ssh-add command adds private key identities to the SSH key agent. If the key is protected by a password, the user only needs to enter the password once, and the agent will automatically authenticate the user.
ssh-add has a few decent options available, some of which are handy to know about.
-l will allow you to see loaded identities, along with their fingerprints:
$ ssh-add -l 256 SHA256:P7FdkmbQQFoy37avbKBfzMpEhVUaBY0TljwYJyNxzUI vagrant@centos1 (ED25519)
-D will allow you to remove all identities (and -d can be used to remove specific ones):
$ ssh-add -D All identities removed.
-x will lock an agent, while -X will unlock it:
$ ssh-add -l 256 SHA256:P7FdkmbQQFoy37avbKBfzMpEhVUaBY0TljwYJyNxzUI vagrant@centos1 (ED25519)
$ ssh-add -x Enter lock password: Again: Agent locked.
$ ssh-add -l The agent has no identities.
$ ssh-add -X Enter lock password: Agent unlocked.
$ ssh-add -l 256 SHA256:P7FdkmbQQFoy37avbKBfzMpEhVUaBY0TljwYJyNxzUI vagrant@centos1 (ED25519)
If you encounter the below error while running the ssh-add command:
ssh-add: command not found
you may try installing the below package as per your choice of distribution:
OS Distribution | Command |
---|---|
OS X | brew install openssh |
Debian | apt-get install openssh-client |
Ubuntu | apt-get install openssh-client |
Alpine | apk add openssh |
Arch Linux | pacman -S openssh |
Kali Linux | apt-get install openssh-client |
CentOS | yum install openssh-clients |
Fedora | dnf install openssh-clients |
Raspbian | apt-get install openssh-client |
ssh-add Command Examples
1. Add the default ssh keys in `~/.ssh` to the ssh-agent:
# ssh-add
2. Add a specific key to the ssh-agent:
# ssh-add path/to/private_key
3. List fingerprints of currently loaded keys:
# ssh-add -l
4. Delete a key from the ssh-agent:
# ssh-add -d path/to/private_key
5. Delete all currently loaded keys from the ssh-agent:
# ssh-add -D
6. Add a key to the ssh-agent and the keychain:
# ssh-add -K path/to/private_key