sshd-openpgp-auth-add(1) General Commands Manual sshd-openpgp-auth-add(1) NAME sshd-openpgp-auth-add - Add public SSH host keys as authentication subkeys to an OpenPGP certificate SYNOPSIS sshd-openpgp-auth add [-f|--fingerprint] [-k|--known-hosts] [-o|--openpgp-dir] [-S|--ssh-dir] [-s|--stdout] [-t|--time] [-h|--help] DESCRIPTION Add public SSH host keys as authentication subkeys to an OpenPGP certificate By default this command adds SSH host keys found in "/etc/ssh/" as authentication subkeys to an OpenPGP certificate in "/var/lib/sshd-openpgp-auth/". Custom locations for SSH public keys as well as OpenPGP certificates can be provided. If more than one OpenPGP certificate is found in the target directory, an OpenPGP fingerprint must be specified. When adding from SSH host key files the subkey creation time is derived from the file creation timestamp of the respective files. It is possible to add subkeys by piping a known_hosts formatted string to this command when using the "--known-hosts" option. When adding from stdin the current time is used for the subkey creation time. A custom creation time can be provided. OPTIONS -f, --fingerprint=FINGERPRINT An OpenPGP fingerprint to identify a specific certificate May also be specified with the SOA_FINGERPRINT environment variable. -k, --known-hosts Read the SSH public keys in known_hosts format from stdin instead of from a directory -o, --openpgp-dir=DIR A custom directory in which to look for OpenPGP certificates (defaults to "/var/lib/sshd-openpgp-auth/") May also be specified with the SOA_OPENPGP_DIR environment variable. -S, --ssh-dir=DIR A custom directory in which to look for SSH public keys (defaults to "/etc/ssh/") May also be specified with the SOA_SSH_DIR environment variable. -s, --stdout Output the OpenPGP certificate to stdout instead of a file -t, --time=TIME A custom reference time formatted as an RFC3339 string (defaults to now) May also be specified with the SOA_TIME environment variable. -h, --help Print help (see a summary with '-h') sshd-openpgp-auth-add sshd-openpgp-auth-add(1)