diff options
author | Damien Miller <djm@mindrot.org> | 2010-04-18 08:08:03 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-04-18 08:08:03 +1000 |
commit | 1f181425e9c66781043c205339098c1b89aaac70 (patch) | |
tree | bdbb2a08f5ffdc068fd41a05be2677ca36465815 | |
parent | c4eddee1b7281dc076f8539569ca78291dde8103 (diff) |
- jmc@cvs.openbsd.org 2010/04/16 06:47:04
[ssh-keygen.1 ssh-keygen.c]
tweak previous; ok djm
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | ssh-keygen.1 | 6 | ||||
-rw-r--r-- | ssh-keygen.c | 5 |
3 files changed, 9 insertions, 5 deletions
@@ -3,6 +3,9 @@ | |||
3 | - jmc@cvs.openbsd.org 2010/04/16 06:45:01 | 3 | - jmc@cvs.openbsd.org 2010/04/16 06:45:01 |
4 | [ssh_config.5] | 4 | [ssh_config.5] |
5 | tweak previous; ok djm | 5 | tweak previous; ok djm |
6 | - jmc@cvs.openbsd.org 2010/04/16 06:47:04 | ||
7 | [ssh-keygen.1 ssh-keygen.c] | ||
8 | tweak previous; ok djm | ||
6 | 9 | ||
7 | 20100416 | 10 | 20100416 |
8 | - (djm) Release openssh-5.5p1 | 11 | - (djm) Release openssh-5.5p1 |
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index aacd4d3dc..26ae31f5e 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.93 2010/04/16 01:47:26 djm Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
4 | .\" | 4 | .\" |
@@ -506,7 +506,7 @@ that both ends of a connection share common moduli. | |||
506 | supports signing of keys to produce certificates that may be used for | 506 | supports signing of keys to produce certificates that may be used for |
507 | user or host authentication. | 507 | user or host authentication. |
508 | Certificates consist of a public key, some identity information, zero or | 508 | Certificates consist of a public key, some identity information, zero or |
509 | more principal (user or host) names and an optional set of options that | 509 | more principal (user or host) names and a set of options that |
510 | are signed by a Certification Authority (CA) key. | 510 | are signed by a Certification Authority (CA) key. |
511 | Clients or servers may then trust only the CA key and verify its signature | 511 | Clients or servers may then trust only the CA key and verify its signature |
512 | on a certificate rather than trusting many user/host keys. | 512 | on a certificate rather than trusting many user/host keys. |
@@ -546,7 +546,7 @@ To generate a certificate for a specified set of principals: | |||
546 | .Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" | 546 | .Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" |
547 | .Pp | 547 | .Pp |
548 | Additional limitations on the validity and use of user certificates may | 548 | Additional limitations on the validity and use of user certificates may |
549 | be specified through certificate options.. | 549 | be specified through certificate options. |
550 | A certificate option may disable features of the SSH session, may be | 550 | A certificate option may disable features of the SSH session, may be |
551 | valid only when presented from particular source addresses or may | 551 | valid only when presented from particular source addresses or may |
552 | force the use of a specific command. | 552 | force the use of a specific command. |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 8938dc051..f0ddd4cfc 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.186 2010/04/16 01:47:26 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.187 2010/04/16 06:47:04 jmc Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1531,7 +1531,7 @@ usage(void) | |||
1531 | fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); | 1531 | fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); |
1532 | fprintf(stderr, " -n name,... User/host principal names to include in certificate\n"); | 1532 | fprintf(stderr, " -n name,... User/host principal names to include in certificate\n"); |
1533 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); | 1533 | fprintf(stderr, " -N phrase Provide new passphrase.\n"); |
1534 | fprintf(stderr, " -O cnstr Specify a certificate option.\n"); | 1534 | fprintf(stderr, " -O option Specify a certificate option.\n"); |
1535 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); | 1535 | fprintf(stderr, " -P phrase Provide old passphrase.\n"); |
1536 | fprintf(stderr, " -p Change passphrase of private key file.\n"); | 1536 | fprintf(stderr, " -p Change passphrase of private key file.\n"); |
1537 | fprintf(stderr, " -q Quiet.\n"); | 1537 | fprintf(stderr, " -q Quiet.\n"); |
@@ -1545,6 +1545,7 @@ usage(void) | |||
1545 | fprintf(stderr, " -v Verbose.\n"); | 1545 | fprintf(stderr, " -v Verbose.\n"); |
1546 | fprintf(stderr, " -W gen Generator to use for generating DH-GEX moduli.\n"); | 1546 | fprintf(stderr, " -W gen Generator to use for generating DH-GEX moduli.\n"); |
1547 | fprintf(stderr, " -y Read private key file and print public key.\n"); | 1547 | fprintf(stderr, " -y Read private key file and print public key.\n"); |
1548 | fprintf(stderr, " -z serial Specify a serial number.\n"); | ||
1548 | 1549 | ||
1549 | exit(1); | 1550 | exit(1); |
1550 | } | 1551 | } |