'\" t .\" Title: ssh-tpm-add .\" Author: [see the "AUTHOR(S)" section] .\" Generator: Asciidoctor 2.0.23 .\" Date: 2025-03-27 .\" Manual: ssh-tpm-add manual .\" Source: ssh-tpm-agent .\" Language: English .\" .TH "SSH\-TPM\-ADD" "1" "2025-03-27" "ssh\-tpm\-agent" "ssh\-tpm\-add manual" .ie \n(.g .ds Aq \(aq .el .ds Aq ' .ss \n[.ss] 0 .nh .ad l .de URL \fI\\$2\fP <\\$1>\\$3 .. .als MTO URL .if \n[.g] \{\ . mso www.tmac . am URL . ad l . . . am MTO . ad l . . . LINKSTYLE blue R < > .\} .SH "NAME" ssh-tpm-add \- adds private keys to the *ssh\-tpm\-agent* .SH "SYNOPSIS" .sp \fBssh\-tpm\-add\fP .sp \fBssh\-tpm\-add\fP [\fIPATH\fP ...] .SH "DESCRIPTION" .sp \fBssh\-tpm\-add\fP adds TPM wrapped private keys to \fBssh\-tpm\-agent\fP(1). Any specified keys as arguments are added to the running agent. .sp It requires the environment variable \fBSSH_TPM_AUTH_SOCK\fP to point at an active UNIX domain socket with an agent listening. .sp If no files are given it will try to load the default keys \fB~/.ssh/id_ecdsa.tpm\fP and \fB~/.ssh/id_rsa.tpm\fP. .SH "ENVIRONMENT" .sp \fBSSH_TPM_AUTH_SOCK\fP .RS 4 Identifies the path of a unix\-domain socket for communication with the agent. .sp Default to \fI/var/tmp/ssh\-tpm\-agent.sock\fP. .RE .SH "FILES" .sp \fI~/ssh/id_rsa.tpm\fP, \fI~/ssh/id_ecdsa.tpm\fP .RS 4 Contains the ssh private keys used by \fBssh\-tpm\-agent\fP. They are TPM 2.0 TSS key files and securely wrapped by the TPM. They can be shared publicly as they can only be used by the TPM they where created on. However it is probably better to not do that. .RE .sp \fI~/ssh/id_rsa.pub\fP, \fI~/ssh/id_ecdsa.pub\fP .RS 4 Contains the ssh public keys. These can be shared publicly, and is the same format as the ones created by \fBssh\-keygen\fP(1). .RE .SH "SEE ALSO" .sp \fBssh\-add\fP(1), \fBssh\-agent\fP(1), \fBssh\fP(1), \fBssh\-tpm\-keygen\fP(1), \fBssh\-keygen\fP(1) .SH "NOTES, STANDARDS AND OTHER" .sp .URL "https://www.hansenpartnership.com/draft\-bottomley\-tpm2\-keys.html" "ASN.1 Specification for TPM 2.0 Key Files" ""