upstream commit

mention ssh-keygen -E for comparing legacy MD5 fingerprints; bz#2332 Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
author: djm@openbsd.org <djm@openbsd.org> 2015-05-22 05:28:45 +0000
committer: Damien Miller <djm@mindrot.org> 2015-05-22 20:02:19 +1000
commit: f948737449257d2cb83ffcfe7275eb79b677fd4a (patch)
tree: d54dc7a83f8f97322a8b1534fc835aafe4697941
parent: 0882332616e4f0272c31cc47bf2018f9cb258a4e (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/ssh.1 b/ssh.1
index dd01b9787..df7ac86af 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.357 2015/05/06 05:45:17 dtucker Exp $
+.\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $
-.Dd $Mdocdate: May 6 2015 $
+.Dd $Mdocdate: May 22 2015 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -1106,6 +1106,11 @@ Fingerprints can be determined using
 .Pp
 If the fingerprint is already known, it can be matched
 and the key can be accepted or rejected.
+If only legacy (MD5) fingerprints for the server are available, the
+.Xr ssh-keygen 1
+.Fl E
+option may be used to downgrade the fingerprint algorithm to match.
+.Pp
 Because of the difficulty of comparing host keys
 just by looking at fingerprint strings,
 there is also support to compare host keys visually,
author	djm@openbsd.org <djm@openbsd.org>	2015-05-22 05:28:45 +0000
committer	Damien Miller <djm@mindrot.org>	2015-05-22 20:02:19 +1000
commit	f948737449257d2cb83ffcfe7275eb79b677fd4a (patch)
tree	d54dc7a83f8f97322a8b1534fc835aafe4697941
parent	0882332616e4f0272c31cc47bf2018f9cb258a4e (diff)

diff --git a/ssh.1 b/ssh.1 index dd01b9787..df7ac86af 100644 --- a/ssh.1 +++ b/ssh.1
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh.1,v 1.357 2015/05/06 05:45:17 dtucker Exp $	36	.\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $
37	.Dd $Mdocdate: May 6 2015 $	37	.Dd $Mdocdate: May 22 2015 $
38	.Dt SSH 1	38	.Dt SSH 1
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -1106,6 +1106,11 @@ Fingerprints can be determined using
1106	.Pp	1106	.Pp
1107	If the fingerprint is already known, it can be matched	1107	If the fingerprint is already known, it can be matched
1108	and the key can be accepted or rejected.	1108	and the key can be accepted or rejected.
		1109	If only legacy (MD5) fingerprints for the server are available, the
		1110	.Xr ssh-keygen 1
		1111	.Fl E
		1112	option may be used to downgrade the fingerprint algorithm to match.
		1113	.Pp
1109	Because of the difficulty of comparing host keys	1114	Because of the difficulty of comparing host keys
1110	just by looking at fingerprint strings,	1115	just by looking at fingerprint strings,
1111	there is also support to compare host keys visually,	1116	there is also support to compare host keys visually,