- markus@cvs.openbsd.org 2010/02/10 23:20:38

[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5] pkcs#11 is no longer optional; improve wording; ok jmc@
author: Damien Miller <djm@mindrot.org> 2010-02-12 09:26:02 +1100
committer: Damien Miller <djm@mindrot.org> 2010-02-12 09:26:02 +1100
commit: a76184445530cb13ded5827546756471d7d423e2 (patch)
tree: ab15565a7058b0fb21635acb9be621825cd0ad5f
parent: 47cf16b8df67ce02866eefbe855174fa7dfbd359 (diff)
5 files changed, 17 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index db0b19df4..1c532a6e4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,9 @@
     [auth.c]
     unbreak ChrootDirectory+internal-sftp by skipping check for executable
     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
+   - markus@cvs.openbsd.org 2010/02/10 23:20:38
+     [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
+     pkcs#11 is no longer optional; improve wording; ok jmc@
 20100210
 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
diff --git a/ssh-add.1 b/ssh-add.1
index 619209a19..0d5e39272 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-add.1,v 1.50 2010/02/08 22:03:05 jmc Exp $
+.\"     $OpenBSD: ssh-add.1,v 1.51 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -102,7 +102,7 @@ will append
 .Pa .pub
 and retry.
 .It Fl e Ar pkcs11
-Remove key provided by
+Remove keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl L
 Lists public key parameters of all identities currently represented
@@ -110,7 +110,7 @@ by the agent.
 .It Fl l
 Lists fingerprints of all identities currently represented by the agent.
 .It Fl s Ar pkcs11
-Add key provided by
+Add keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl t Ar life
 Set a maximum lifetime when adding identities to an agent.
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index c0c323640..f09e1a100 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.82 2010/02/08 22:03:05 jmc Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.83 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -199,9 +199,8 @@ This operation is only supported for RSA1 keys.
 The program will prompt for the file containing the private keys, for
 the passphrase if the key has one, and for the new comment.
 .It Fl D Ar pkcs11
-Download the RSA public keys stored in the
+Download the RSA public keys provided by the PKCS#11 shared library
-.Ar pkcs11
+.Ar pkcs11 .
-provider.
 .It Fl e
 This option will read a private or public OpenSSH key file and
 print the key in
diff --git a/ssh.1 b/ssh.1
index 4424e1f60..8fcc9b564 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.292 2010/02/08 22:03:05 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.293 2010/02/10 23:20:38 markus Exp $
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -288,10 +288,8 @@ Allows remote hosts to connect to local forwarded ports.
 .It Fl I Ar pkcs11
 Specify the PKCS#11 shared libarary
 .Nm
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-This option is only available if support for PKCS#11
-is compiled in (default is no support).
 .It Fl i Ar identity_file
 Selects a file from which the identity (private key) for
 RSA or DSA authentication is read.
diff --git a/ssh_config.5 b/ssh_config.5
index 350a8eacd..7ab5d02fd 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.127 2010/02/08 10:50:20 markus Exp $
+.\" $OpenBSD: ssh_config.5,v 1.128 2010/02/10 23:20:38 markus Exp $
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -715,9 +715,8 @@ The default is
 Specifies which PKCS#11 provider to use.
 The argument to this keyword is the PKCS#11 shared libary
 .Xr ssh 1
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-By default, no device is specified and PKCS#11 support is not activated.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 The default is 22.
author	Damien Miller <djm@mindrot.org>	2010-02-12 09:26:02 +1100
committer	Damien Miller <djm@mindrot.org>	2010-02-12 09:26:02 +1100
commit	a76184445530cb13ded5827546756471d7d423e2 (patch)
tree	ab15565a7058b0fb21635acb9be621825cd0ad5f
parent	47cf16b8df67ce02866eefbe855174fa7dfbd359 (diff)

diff --git a/ChangeLog b/ChangeLog index db0b19df4..1c532a6e4 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -31,6 +31,9 @@
31	[auth.c]	31	[auth.c]
32	unbreak ChrootDirectory+internal-sftp by skipping check for executable	32	unbreak ChrootDirectory+internal-sftp by skipping check for executable
33	shell when chrooting; reported by danh AT wzrd.com; ok dtucker@	33	shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
		34	- markus@cvs.openbsd.org 2010/02/10 23:20:38
		35	[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
		36	pkcs#11 is no longer optional; improve wording; ok jmc@
34		37
35	20100210	38	20100210
36	- (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for	39	- (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for


diff --git a/ssh-add.1 b/ssh-add.1 index 619209a19..0d5e39272 100644 --- a/ssh-add.1 +++ b/ssh-add.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-add.1,v 1.50 2010/02/08 22:03:05 jmc Exp $	1	.\" $OpenBSD: ssh-add.1,v 1.51 2010/02/10 23:20:38 markus Exp $
2	.\"	2	.\"
3	.\" -- nroff --	3	.\" -- nroff --
4	.\"	4	.\"
@@ -37,7 +37,7 @@
37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39	.\"	39	.\"
40	.Dd $Mdocdate: February 8 2010 $	40	.Dd $Mdocdate: February 10 2010 $
41	.Dt SSH-ADD 1	41	.Dt SSH-ADD 1
42	.Os	42	.Os
43	.Sh NAME	43	.Sh NAME
@@ -102,7 +102,7 @@ will append
102	.Pa .pub	102	.Pa .pub
103	and retry.	103	and retry.
104	.It Fl e Ar pkcs11	104	.It Fl e Ar pkcs11
105	Remove key provided by	105	Remove keys provided by the PKCS#11 shared library
106	.Ar pkcs11 .	106	.Ar pkcs11 .
107	.It Fl L	107	.It Fl L
108	Lists public key parameters of all identities currently represented	108	Lists public key parameters of all identities currently represented
@@ -110,7 +110,7 @@ by the agent.
110	.It Fl l	110	.It Fl l
111	Lists fingerprints of all identities currently represented by the agent.	111	Lists fingerprints of all identities currently represented by the agent.
112	.It Fl s Ar pkcs11	112	.It Fl s Ar pkcs11
113	Add key provided by	113	Add keys provided by the PKCS#11 shared library
114	.Ar pkcs11 .	114	.Ar pkcs11 .
115	.It Fl t Ar life	115	.It Fl t Ar life
116	Set a maximum lifetime when adding identities to an agent.	116	Set a maximum lifetime when adding identities to an agent.


diff --git a/ssh-keygen.1 b/ssh-keygen.1 index c0c323640..f09e1a100 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.82 2010/02/08 22:03:05 jmc Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.83 2010/02/10 23:20:38 markus Exp $
2	.\"	2	.\"
3	.\" -- nroff --	3	.\" -- nroff --
4	.\"	4	.\"
@@ -37,7 +37,7 @@
37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39	.\"	39	.\"
40	.Dd $Mdocdate: February 8 2010 $	40	.Dd $Mdocdate: February 10 2010 $
41	.Dt SSH-KEYGEN 1	41	.Dt SSH-KEYGEN 1
42	.Os	42	.Os
43	.Sh NAME	43	.Sh NAME
@@ -199,9 +199,8 @@ This operation is only supported for RSA1 keys.
199	The program will prompt for the file containing the private keys, for	199	The program will prompt for the file containing the private keys, for
200	the passphrase if the key has one, and for the new comment.	200	the passphrase if the key has one, and for the new comment.
201	.It Fl D Ar pkcs11	201	.It Fl D Ar pkcs11
202	Download the RSA public keys stored in the	202	Download the RSA public keys provided by the PKCS#11 shared library
203	.Ar pkcs11	203	.Ar pkcs11 .
204	provider.
205	.It Fl e	204	.It Fl e
206	This option will read a private or public OpenSSH key file and	205	This option will read a private or public OpenSSH key file and
207	print the key in	206	print the key in


diff --git a/ssh.1 b/ssh.1 index 4424e1f60..8fcc9b564 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,8 +34,8 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.292 2010/02/08 22:03:05 jmc Exp $	37	.\" $OpenBSD: ssh.1,v 1.293 2010/02/10 23:20:38 markus Exp $
38	.Dd $Mdocdate: February 8 2010 $	38	.Dd $Mdocdate: February 10 2010 $
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -288,10 +288,8 @@ Allows remote hosts to connect to local forwarded ports.
288	.It Fl I Ar pkcs11	288	.It Fl I Ar pkcs11
289	Specify the PKCS#11 shared libarary	289	Specify the PKCS#11 shared libarary
290	.Nm	290	.Nm
291	should use to communicate with a PKCS#11 token used for storing the user's	291	should use to communicate with a PKCS#11 token providing the user's
292	private RSA key.	292	private RSA key.
293	This option is only available if support for PKCS#11
294	is compiled in (default is no support).
295	.It Fl i Ar identity_file	293	.It Fl i Ar identity_file
296	Selects a file from which the identity (private key) for	294	Selects a file from which the identity (private key) for
297	RSA or DSA authentication is read.	295	RSA or DSA authentication is read.


diff --git a/ssh_config.5 b/ssh_config.5 index 350a8eacd..7ab5d02fd 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -34,8 +34,8 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh_config.5,v 1.127 2010/02/08 10:50:20 markus Exp $	37	.\" $OpenBSD: ssh_config.5,v 1.128 2010/02/10 23:20:38 markus Exp $
38	.Dd $Mdocdate: February 8 2010 $	38	.Dd $Mdocdate: February 10 2010 $
39	.Dt SSH_CONFIG 5	39	.Dt SSH_CONFIG 5
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -715,9 +715,8 @@ The default is
715	Specifies which PKCS#11 provider to use.	715	Specifies which PKCS#11 provider to use.
716	The argument to this keyword is the PKCS#11 shared libary	716	The argument to this keyword is the PKCS#11 shared libary
717	.Xr ssh 1	717	.Xr ssh 1
718	should use to communicate with a PKCS#11 token used for storing the user's	718	should use to communicate with a PKCS#11 token providing the user's
719	private RSA key.	719	private RSA key.
720	By default, no device is specified and PKCS#11 support is not activated.
721	.It Cm Port	720	.It Cm Port
722	Specifies the port number to connect on the remote host.	721	Specifies the port number to connect on the remote host.
723	The default is 22.	722	The default is 22.