diff options
author | Colin Watson <cjwatson@debian.org> | 2020-02-21 11:57:14 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-02-21 14:27:02 +0000 |
commit | 886e47e745586c34e81cfd5c5fb9b5dbc8e84d04 (patch) | |
tree | dd6c3b4dc64a17c520af7aaf213163f8a0a63e56 /ssh-keygen.0 | |
parent | ac2b4c0697fcac554041ab95f81736887eadf6ec (diff) | |
parent | a2dabf35ce0228c86a288d11cc847a9d9801604f (diff) |
New upstream release (8.2p1)
Diffstat (limited to 'ssh-keygen.0')
-rw-r--r-- | ssh-keygen.0 | 375 |
1 files changed, 235 insertions, 140 deletions
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index b68736c11..703739004 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -1,11 +1,12 @@ | |||
1 | SSH-KEYGEN(1) General Commands Manual SSH-KEYGEN(1) | 1 | SSH-KEYGEN(1) General Commands Manual SSH-KEYGEN(1) |
2 | 2 | ||
3 | NAME | 3 | NAME |
4 | ssh-keygen M-bM-^@M-^S authentication key generation, management and conversion | 4 | ssh-keygen M-bM-^@M-^S OpenSSH authentication key utility |
5 | 5 | ||
6 | SYNOPSIS | 6 | SYNOPSIS |
7 | ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format] | 7 | ssh-keygen [-q] [-b bits] [-C comment] [-f output_keyfile] [-m format] |
8 | [-N new_passphrase] [-t dsa | ecdsa | ed25519 | rsa] | 8 | [-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa] |
9 | [-N new_passphrase] [-O option] [-w provider] | ||
9 | ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase] | 10 | ssh-keygen -p [-f keyfile] [-m format] [-N new_passphrase] |
10 | [-P old_passphrase] | 11 | [-P old_passphrase] |
11 | ssh-keygen -i [-f input_keyfile] [-m key_format] | 12 | ssh-keygen -i [-f input_keyfile] [-m key_format] |
@@ -17,11 +18,11 @@ SYNOPSIS | |||
17 | ssh-keygen -D pkcs11 | 18 | ssh-keygen -D pkcs11 |
18 | ssh-keygen -F hostname [-lv] [-f known_hosts_file] | 19 | ssh-keygen -F hostname [-lv] [-f known_hosts_file] |
19 | ssh-keygen -H [-f known_hosts_file] | 20 | ssh-keygen -H [-f known_hosts_file] |
21 | ssh-keygen -K [-w provider] | ||
20 | ssh-keygen -R hostname [-f known_hosts_file] | 22 | ssh-keygen -R hostname [-f known_hosts_file] |
21 | ssh-keygen -r hostname [-g] [-f input_keyfile] | 23 | ssh-keygen -r hostname [-g] [-f input_keyfile] |
22 | ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point] | 24 | ssh-keygen -M generate [-O option] output_file |
23 | ssh-keygen -f input_file -T output_file [-v] [-a rounds] [-J num_lines] | 25 | ssh-keygen -M screen [-f input_file] [-O option] output_file |
24 | [-j start_line] [-K checkpt] [-W generator] | ||
25 | ssh-keygen -I certificate_identity -s ca_key [-hU] [-D pkcs11_provider] | 26 | ssh-keygen -I certificate_identity -s ca_key [-hU] [-D pkcs11_provider] |
26 | [-n principals] [-O option] [-V validity_interval] | 27 | [-n principals] [-O option] [-V validity_interval] |
27 | [-z serial_number] file ... | 28 | [-z serial_number] file ... |
@@ -30,6 +31,7 @@ SYNOPSIS | |||
30 | ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] | 31 | ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] |
31 | file ... | 32 | file ... |
32 | ssh-keygen -Q -f krl_file file ... | 33 | ssh-keygen -Q -f krl_file file ... |
34 | ssh-keygen -Y find-principals -s signature_file -f allowed_signers_file | ||
33 | ssh-keygen -Y check-novalidate -n namespace -s signature_file | 35 | ssh-keygen -Y check-novalidate -n namespace -s signature_file |
34 | ssh-keygen -Y sign -f key_file -n namespace file ... | 36 | ssh-keygen -Y sign -f key_file -n namespace file ... |
35 | ssh-keygen -Y verify -f allowed_signers_file -I signer_identity | 37 | ssh-keygen -Y verify -f allowed_signers_file -I signer_identity |
@@ -51,9 +53,9 @@ DESCRIPTION | |||
51 | 53 | ||
52 | Normally each user wishing to use SSH with public key authentication runs | 54 | Normally each user wishing to use SSH with public key authentication runs |
53 | this once to create the authentication key in ~/.ssh/id_dsa, | 55 | this once to create the authentication key in ~/.ssh/id_dsa, |
54 | ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or ~/.ssh/id_rsa. Additionally, the | 56 | ~/.ssh/id_ecdsa, ~/.ssh/id_ecdsa_sk, ~/.ssh/id_ed25519, |
55 | system administrator may use this to generate host keys, as seen in | 57 | ~/.ssh/id_ed25519_sk or ~/.ssh/id_rsa. Additionally, the system |
56 | /etc/rc. | 58 | administrator may use this to generate host keys, as seen in /etc/rc. |
57 | 59 | ||
58 | Normally this program generates the key and asks for a file in which to | 60 | Normally this program generates the key and asks for a file in which to |
59 | store the private key. The public key is stored in a file with the same | 61 | store the private key. The public key is stored in a file with the same |
@@ -104,9 +106,6 @@ DESCRIPTION | |||
104 | in slower passphrase verification and increased resistance to | 106 | in slower passphrase verification and increased resistance to |
105 | brute-force password cracking (should the keys be stolen). | 107 | brute-force password cracking (should the keys be stolen). |
106 | 108 | ||
107 | When screening DH-GEX candidates (using the -T command), this | ||
108 | option specifies the number of primality tests to perform. | ||
109 | |||
110 | -B Show the bubblebabble digest of specified private or public key | 109 | -B Show the bubblebabble digest of specified private or public key |
111 | file. | 110 | file. |
112 | 111 | ||
@@ -118,8 +117,8 @@ DESCRIPTION | |||
118 | the -b flag determines the key length by selecting from one of | 117 | the -b flag determines the key length by selecting from one of |
119 | three elliptic curve sizes: 256, 384 or 521 bits. Attempting to | 118 | three elliptic curve sizes: 256, 384 or 521 bits. Attempting to |
120 | use bit lengths other than these three values for ECDSA keys will | 119 | use bit lengths other than these three values for ECDSA keys will |
121 | fail. Ed25519 keys have a fixed length and the -b flag will be | 120 | fail. ECDSA-SK, Ed25519 and Ed25519-SK keys have a fixed length |
122 | ignored. | 121 | and the -b flag will be ignored. |
123 | 122 | ||
124 | -C comment | 123 | -C comment |
125 | Provides a new comment. | 124 | Provides a new comment. |
@@ -156,10 +155,6 @@ DESCRIPTION | |||
156 | -f filename | 155 | -f filename |
157 | Specifies the filename of the key file. | 156 | Specifies the filename of the key file. |
158 | 157 | ||
159 | -G output_file | ||
160 | Generate candidate primes for DH-GEX. These primes must be | ||
161 | screened for safety (using the -T option) before use. | ||
162 | |||
163 | -g Use generic DNS format when printing fingerprint resource records | 158 | -g Use generic DNS format when printing fingerprint resource records |
164 | using the -r command. | 159 | using the -r command. |
165 | 160 | ||
@@ -185,19 +180,9 @@ DESCRIPTION | |||
185 | importing keys from other software, including several commercial | 180 | importing keys from other software, including several commercial |
186 | SSH implementations. The default import format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. | 181 | SSH implementations. The default import format is M-bM-^@M-^\RFC4716M-bM-^@M-^]. |
187 | 182 | ||
188 | -J num_lines | 183 | -K Download resident keys from a FIDO authenticator. Public and |
189 | Exit after screening the specified number of lines while | 184 | private key files will be written to the current directory for |
190 | performing DH candidate screening using the -T option. | 185 | each downloaded key. |
191 | |||
192 | -j start_line | ||
193 | Start screening at the specified line number while performing DH | ||
194 | candidate screening using the -T option. | ||
195 | |||
196 | -K checkpt | ||
197 | Write the last line processed to the file checkpt while | ||
198 | performing DH candidate screening using the -T option. This will | ||
199 | be used to skip lines in the input file that have already been | ||
200 | processed if the job is restarted. | ||
201 | 186 | ||
202 | -k Generate a KRL file. In this mode, ssh-keygen will generate a | 187 | -k Generate a KRL file. In this mode, ssh-keygen will generate a |
203 | KRL file at the location specified via the -f flag that revokes | 188 | KRL file at the location specified via the -f flag that revokes |
@@ -213,9 +198,21 @@ DESCRIPTION | |||
213 | prints its fingerprint. If combined with -v, a visual ASCII art | 198 | prints its fingerprint. If combined with -v, a visual ASCII art |
214 | representation of the key is supplied with the fingerprint. | 199 | representation of the key is supplied with the fingerprint. |
215 | 200 | ||
216 | -M memory | 201 | -M generate |
217 | Specify the amount of memory to use (in megabytes) when | 202 | Generate candidate Diffie-Hellman Group Exchange (DH-GEX) |
218 | generating candidate moduli for DH-GEX. | 203 | parameters for eventual use by the |
204 | M-bM-^@M-^Xdiffie-hellman-group-exchange-*M-bM-^@M-^Y key exchange methods. The | ||
205 | numbers generated by this operation must be further screened | ||
206 | before use. See the MODULI GENERATION section for more | ||
207 | information. | ||
208 | |||
209 | -M screen | ||
210 | Screen candidate parameters for Diffie-Hellman Group Exchange. | ||
211 | This will accept a list of candidate numbers and test that they | ||
212 | are safe (Sophie Germain) primes with acceptable group | ||
213 | generators. The results of this operation may be added to the | ||
214 | /etc/moduli file. See the MODULI GENERATION section for more | ||
215 | information. | ||
219 | 216 | ||
220 | -m key_format | 217 | -m key_format |
221 | Specify a key format for key generation, the -i (import), -e | 218 | Specify a key format for key generation, the -i (import), -e |
@@ -240,70 +237,61 @@ DESCRIPTION | |||
240 | CERTIFICATES section for details. | 237 | CERTIFICATES section for details. |
241 | 238 | ||
242 | -O option | 239 | -O option |
243 | Specify a certificate option when signing a key. This option may | 240 | Specify a key/value option. These are specific to the operation |
244 | be specified multiple times. See also the CERTIFICATES section | 241 | that ssh-keygen has been requested to perform. |
245 | for further details. | 242 | |
246 | 243 | When signing certificates, one of the options listed in the | |
247 | At present, no standard options are valid for host keys. The | 244 | CERTIFICATES section may be specified here. |
248 | options that are valid for user certificates are: | 245 | |
249 | 246 | When performing moduli generation or screening, one of the | |
250 | clear Clear all enabled permissions. This is useful for | 247 | options listed in the MODULI GENERATION section may be specified. |
251 | clearing the default set of permissions so permissions | 248 | |
252 | may be added individually. | 249 | When generating a key that will be hosted on a FIDO |
253 | 250 | authenticator, this flag may be used to specify key-specific | |
254 | critical:name[=contents] | 251 | options. Those supported at present are: |
255 | extension:name[=contents] | 252 | |
256 | Includes an arbitrary certificate critical option or | 253 | application |
257 | extension. The specified name should include a domain | 254 | Override the default FIDO application/origin string of |
258 | suffix, e.g. M-bM-^@M-^\name@example.comM-bM-^@M-^]. If contents is | 255 | M-bM-^@M-^\ssh:M-bM-^@M-^]. This may be useful when generating host or |
259 | specified then it is included as the contents of the | 256 | domain-specific resident keys. The specified application |
260 | extension/option encoded as a string, otherwise the | 257 | string must begin with M-bM-^@M-^\ssh:M-bM-^@M-^]. |
261 | extension/option is created with no contents (usually | 258 | |
262 | indicating a flag). Extensions may be ignored by a | 259 | challenge=path |
263 | client or server that does not recognise them, whereas | 260 | Specifies a path to a challenge string that will be |
264 | unknown critical options will cause the certificate to be | 261 | passed to the FIDO token during key generation. The |
265 | refused. | 262 | challenge string may be used as part of an out-of-band |
266 | 263 | protocol for key enrollment (a random challenge is used | |
267 | force-command=command | 264 | by default). |
268 | Forces the execution of command instead of any shell or | 265 | |
269 | command specified by the user when the certificate is | 266 | device Explicitly specify a fido(4) device to use, rather than |
270 | used for authentication. | 267 | letting the token middleware select one. |
271 | 268 | ||
272 | no-agent-forwarding | 269 | no-touch-required |
273 | Disable ssh-agent(1) forwarding (permitted by default). | 270 | Indicate that the generated private key should not |
274 | 271 | require touch events (user presence) when making | |
275 | no-port-forwarding | 272 | signatures. Note that sshd(8) will refuse such |
276 | Disable port forwarding (permitted by default). | 273 | signatures by default, unless overridden via an |
277 | 274 | authorized_keys option. | |
278 | no-pty Disable PTY allocation (permitted by default). | 275 | |
279 | 276 | resident | |
280 | no-user-rc | 277 | Indicate that the key should be stored on the FIDO |
281 | Disable execution of ~/.ssh/rc by sshd(8) (permitted by | 278 | authenticator itself. Resident keys may be supported on |
282 | default). | 279 | FIDO2 tokens and typically require that a PIN be set on |
283 | 280 | the token prior to generation. Resident keys may be | |
284 | no-x11-forwarding | 281 | loaded off the token using ssh-add(1). |
285 | Disable X11 forwarding (permitted by default). | 282 | |
286 | 283 | user A username to be associated with a resident key, | |
287 | permit-agent-forwarding | 284 | overriding the empty default username. Specifying a |
288 | Allows ssh-agent(1) forwarding. | 285 | username may be useful when generating multiple resident |
289 | 286 | keys for the same application name. | |
290 | permit-port-forwarding | 287 | |
291 | Allows port forwarding. | 288 | write-attestation=path |
292 | 289 | May be used at key generation time to record the | |
293 | permit-pty | 290 | attestation certificate returned from FIDO tokens during |
294 | Allows PTY allocation. | 291 | key generation. By default this information is |
295 | 292 | discarded. | |
296 | permit-user-rc | 293 | |
297 | Allows execution of ~/.ssh/rc by sshd(8). | 294 | The -O option may be specified multiple times. |
298 | |||
299 | permit-X11-forwarding | ||
300 | Allows X11 forwarding. | ||
301 | |||
302 | source-address=address_list | ||
303 | Restrict the source addresses from which the certificate | ||
304 | is considered valid. The address_list is a comma- | ||
305 | separated list of one or more address/netmask pairs in | ||
306 | CIDR format. | ||
307 | 295 | ||
308 | -P passphrase | 296 | -P passphrase |
309 | Provides the (old) passphrase. | 297 | Provides the (old) passphrase. |
@@ -326,10 +314,6 @@ DESCRIPTION | |||
326 | Print the SSHFP fingerprint resource record named hostname for | 314 | Print the SSHFP fingerprint resource record named hostname for |
327 | the specified public key file. | 315 | the specified public key file. |
328 | 316 | ||
329 | -S start | ||
330 | Specify start point (in hex) when generating candidate moduli for | ||
331 | DH-GEX. | ||
332 | |||
333 | -s ca_key | 317 | -s ca_key |
334 | Certify (sign) a public key using the specified CA key. Please | 318 | Certify (sign) a public key using the specified CA key. Please |
335 | see the CERTIFICATES section for details. | 319 | see the CERTIFICATES section for details. |
@@ -338,13 +322,9 @@ DESCRIPTION | |||
338 | file used to revoke certificates directly by key ID or serial | 322 | file used to revoke certificates directly by key ID or serial |
339 | number. See the KEY REVOCATION LISTS section for details. | 323 | number. See the KEY REVOCATION LISTS section for details. |
340 | 324 | ||
341 | -T output_file | 325 | -t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa |
342 | Test DH group exchange candidate primes (generated using the -G | ||
343 | option) for safety. | ||
344 | |||
345 | -t dsa | ecdsa | ed25519 | rsa | ||
346 | Specifies the type of key to create. The possible values are | 326 | Specifies the type of key to create. The possible values are |
347 | M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^]. | 327 | M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ecdsa-skM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], M-bM-^@M-^\ed25519-skM-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^]. |
348 | 328 | ||
349 | This flag may also be used to specify the desired signature type | 329 | This flag may also be used to specify the desired signature type |
350 | when signing certificates using an RSA CA key. The available RSA | 330 | when signing certificates using an RSA CA key. The available RSA |
@@ -390,12 +370,28 @@ DESCRIPTION | |||
390 | generation. Multiple -v options increase the verbosity. The | 370 | generation. Multiple -v options increase the verbosity. The |
391 | maximum is 3. | 371 | maximum is 3. |
392 | 372 | ||
393 | -W generator | 373 | -w provider |
394 | Specify desired generator when testing candidate moduli for DH- | 374 | Specifies a path to a library that will be used when creating |
395 | GEX. | 375 | FIDO authenticator-hosted keys, overriding the default of using |
376 | the internal USB HID support. | ||
396 | 377 | ||
397 | -y This option will read a private OpenSSH format file and print an | 378 | -Y find-principals |
398 | OpenSSH public key to stdout. | 379 | Find the principal(s) associated with the public key of a |
380 | signature, provided using the -s flag in an authorized signers | ||
381 | file provided using the -f flag. The format of the allowed | ||
382 | signers file is documented in the ALLOWED SIGNERS section below. | ||
383 | If one or more matching principals are found, they are returned | ||
384 | on standard output. | ||
385 | |||
386 | -Y check-novalidate | ||
387 | Checks that a signature generated using ssh-keygen -Y sign has a | ||
388 | valid structure. This does not validate if a signature comes | ||
389 | from an authorized signer. When testing a signature, ssh-keygen | ||
390 | accepts a message on standard input and a signature namespace | ||
391 | using -n. A file containing the corresponding signature must | ||
392 | also be supplied using the -s flag. Successful testing of the | ||
393 | signature is signalled by ssh-keygen returning a zero exit | ||
394 | status. | ||
399 | 395 | ||
400 | -Y sign | 396 | -Y sign |
401 | Cryptographically sign a file or some data using a SSH key. When | 397 | Cryptographically sign a file or some data using a SSH key. When |
@@ -427,16 +423,10 @@ DESCRIPTION | |||
427 | keys can be passed using the -r flag. The revocation file may be | 423 | keys can be passed using the -r flag. The revocation file may be |
428 | a KRL or a one-per-line list of public keys. Successful | 424 | a KRL or a one-per-line list of public keys. Successful |
429 | verification by an authorized signer is signalled by ssh-keygen | 425 | verification by an authorized signer is signalled by ssh-keygen |
426 | returning a zero exit status. | ||
430 | 427 | ||
431 | -Y check-novalidate | 428 | -y This option will read a private OpenSSH format file and print an |
432 | Checks that a signature generated using ssh-keygen -Y sign has a | 429 | OpenSSH public key to stdout. |
433 | valid structure. This does not validate if a signature comes | ||
434 | from an authorized signer. When testing a signature, ssh-keygen | ||
435 | accepts a message on standard input and a signature namespace | ||
436 | using -n. A file containing the corresponding signature must | ||
437 | also be supplied using the -s flag. Successful testing of the | ||
438 | signature is signalled by ssh-keygen returning a zero exit | ||
439 | status. | ||
440 | 430 | ||
441 | -z serial_number | 431 | -z serial_number |
442 | Specifies a serial number to be embedded in the certificate to | 432 | Specifies a serial number to be embedded in the certificate to |
@@ -455,32 +445,62 @@ MODULI GENERATION | |||
455 | intensive process. These candidate primes are then tested for | 445 | intensive process. These candidate primes are then tested for |
456 | suitability (a CPU-intensive process). | 446 | suitability (a CPU-intensive process). |
457 | 447 | ||
458 | Generation of primes is performed using the -G option. The desired | 448 | Generation of primes is performed using the -M generate option. The |
459 | length of the primes may be specified by the -b option. For example: | 449 | desired length of the primes may be specified by the -O bits option. For |
450 | example: | ||
460 | 451 | ||
461 | # ssh-keygen -G moduli-2048.candidates -b 2048 | 452 | # ssh-keygen -M generate -O bits=2048 moduli-2048.candidates |
462 | 453 | ||
463 | By default, the search for primes begins at a random point in the desired | 454 | By default, the search for primes begins at a random point in the desired |
464 | length range. This may be overridden using the -S option, which | 455 | length range. This may be overridden using the -O start option, which |
465 | specifies a different start point (in hex). | 456 | specifies a different start point (in hex). |
466 | 457 | ||
467 | Once a set of candidates have been generated, they must be screened for | 458 | Once a set of candidates have been generated, they must be screened for |
468 | suitability. This may be performed using the -T option. In this mode | 459 | suitability. This may be performed using the -M screen option. In this |
469 | ssh-keygen will read candidates from standard input (or a file specified | 460 | mode ssh-keygen will read candidates from standard input (or a file |
470 | using the -f option). For example: | 461 | specified using the -f option). For example: |
471 | 462 | ||
472 | # ssh-keygen -T moduli-2048 -f moduli-2048.candidates | 463 | # ssh-keygen -M screen -f moduli-2048.candidates moduli-2048 |
473 | 464 | ||
474 | By default, each candidate will be subjected to 100 primality tests. | 465 | By default, each candidate will be subjected to 100 primality tests. |
475 | This may be overridden using the -a option. The DH generator value will | 466 | This may be overridden using the -O prime-tests option. The DH generator |
476 | be chosen automatically for the prime under consideration. If a specific | 467 | value will be chosen automatically for the prime under consideration. If |
477 | generator is desired, it may be requested using the -W option. Valid | 468 | a specific generator is desired, it may be requested using the -O |
478 | generator values are 2, 3, and 5. | 469 | generator option. Valid generator values are 2, 3, and 5. |
479 | 470 | ||
480 | Screened DH groups may be installed in /etc/moduli. It is important that | 471 | Screened DH groups may be installed in /etc/moduli. It is important that |
481 | this file contains moduli of a range of bit lengths and that both ends of | 472 | this file contains moduli of a range of bit lengths and that both ends of |
482 | a connection share common moduli. | 473 | a connection share common moduli. |
483 | 474 | ||
475 | A number of options are available for moduli generation and screening via | ||
476 | the -O flag: | ||
477 | |||
478 | lines=number | ||
479 | Exit after screening the specified number of lines while | ||
480 | performing DH candidate screening. | ||
481 | |||
482 | start-line=line-number | ||
483 | Start screening at the specified line number while performing DH | ||
484 | candidate screening. | ||
485 | |||
486 | checkpoint=filename | ||
487 | Write the last line processed to the specified file while | ||
488 | performing DH candidate screening. This will be used to skip | ||
489 | lines in the input file that have already been processed if the | ||
490 | job is restarted. | ||
491 | |||
492 | memory=mbytes | ||
493 | Specify the amount of memory to use (in megabytes) when | ||
494 | generating candidate moduli for DH-GEX. | ||
495 | |||
496 | start=hex-value | ||
497 | Specify start point (in hex) when generating candidate moduli for | ||
498 | DH-GEX. | ||
499 | |||
500 | generator=value | ||
501 | Specify desired generator (in decimal) when testing candidate | ||
502 | moduli for DH-GEX. | ||
503 | |||
484 | CERTIFICATES | 504 | CERTIFICATES |
485 | ssh-keygen supports signing of keys to produce certificates that may be | 505 | ssh-keygen supports signing of keys to produce certificates that may be |
486 | used for user or host authentication. Certificates consist of a public | 506 | used for user or host authentication. Certificates consist of a public |
@@ -531,8 +551,71 @@ CERTIFICATES | |||
531 | be specified through certificate options. A certificate option may | 551 | be specified through certificate options. A certificate option may |
532 | disable features of the SSH session, may be valid only when presented | 552 | disable features of the SSH session, may be valid only when presented |
533 | from particular source addresses or may force the use of a specific | 553 | from particular source addresses or may force the use of a specific |
534 | command. For a list of valid certificate options, see the documentation | 554 | command. |
535 | for the -O option above. | 555 | |
556 | The options that are valid for user certificates are: | ||
557 | |||
558 | clear Clear all enabled permissions. This is useful for clearing the | ||
559 | default set of permissions so permissions may be added | ||
560 | individually. | ||
561 | |||
562 | critical:name[=contents] | ||
563 | extension:name[=contents] | ||
564 | Includes an arbitrary certificate critical option or extension. | ||
565 | The specified name should include a domain suffix, e.g. | ||
566 | M-bM-^@M-^\name@example.comM-bM-^@M-^]. If contents is specified then it is included | ||
567 | as the contents of the extension/option encoded as a string, | ||
568 | otherwise the extension/option is created with no contents | ||
569 | (usually indicating a flag). Extensions may be ignored by a | ||
570 | client or server that does not recognise them, whereas unknown | ||
571 | critical options will cause the certificate to be refused. | ||
572 | |||
573 | force-command=command | ||
574 | Forces the execution of command instead of any shell or command | ||
575 | specified by the user when the certificate is used for | ||
576 | authentication. | ||
577 | |||
578 | no-agent-forwarding | ||
579 | Disable ssh-agent(1) forwarding (permitted by default). | ||
580 | |||
581 | no-port-forwarding | ||
582 | Disable port forwarding (permitted by default). | ||
583 | |||
584 | no-pty Disable PTY allocation (permitted by default). | ||
585 | |||
586 | no-user-rc | ||
587 | Disable execution of ~/.ssh/rc by sshd(8) (permitted by default). | ||
588 | |||
589 | no-x11-forwarding | ||
590 | Disable X11 forwarding (permitted by default). | ||
591 | |||
592 | permit-agent-forwarding | ||
593 | Allows ssh-agent(1) forwarding. | ||
594 | |||
595 | permit-port-forwarding | ||
596 | Allows port forwarding. | ||
597 | |||
598 | permit-pty | ||
599 | Allows PTY allocation. | ||
600 | |||
601 | permit-user-rc | ||
602 | Allows execution of ~/.ssh/rc by sshd(8). | ||
603 | |||
604 | permit-X11-forwarding | ||
605 | Allows X11 forwarding. | ||
606 | |||
607 | no-touch-required | ||
608 | Do not require signatures made using this key require | ||
609 | demonstration of user presence (e.g. by having the user touch the | ||
610 | authenticator). This option only makes sense for the FIDO | ||
611 | authenticator algorithms ecdsa-sk and ed25519-sk. | ||
612 | |||
613 | source-address=address_list | ||
614 | Restrict the source addresses from which the certificate is | ||
615 | considered valid. The address_list is a comma-separated list of | ||
616 | one or more address/netmask pairs in CIDR format. | ||
617 | |||
618 | At present, no standard options are valid for host keys. | ||
536 | 619 | ||
537 | Finally, certificates may be defined with a validity lifetime. The -V | 620 | Finally, certificates may be defined with a validity lifetime. The -V |
538 | option allows specification of certificate start and end times. A | 621 | option allows specification of certificate start and end times. A |
@@ -618,7 +701,7 @@ ALLOWED SIGNERS | |||
618 | The principals field is a pattern-list (See PATTERNS in ssh_config(5)) | 701 | The principals field is a pattern-list (See PATTERNS in ssh_config(5)) |
619 | consisting of one or more comma-separated USER@DOMAIN identity patterns | 702 | consisting of one or more comma-separated USER@DOMAIN identity patterns |
620 | that are accepted for signing. When verifying, the identity presented | 703 | that are accepted for signing. When verifying, the identity presented |
621 | via the -I -option must match a principals pattern in order for the | 704 | via the -I option must match a principals pattern in order for the |
622 | corresponding key to be considered acceptable for verification. | 705 | corresponding key to be considered acceptable for verification. |
623 | 706 | ||
624 | The options (if present) consist of comma-separated option | 707 | The options (if present) consist of comma-separated option |
@@ -651,13 +734,22 @@ ALLOWED SIGNERS | |||
651 | # A key that is accepted only for file signing. | 734 | # A key that is accepted only for file signing. |
652 | user2@example.com namespaces="file" ssh-ed25519 AAA41... | 735 | user2@example.com namespaces="file" ssh-ed25519 AAA41... |
653 | 736 | ||
737 | ENVIRONMENT | ||
738 | SSH_SK_PROVIDER | ||
739 | Specifies a path to a library that will be used when loading any | ||
740 | FIDO authenticator-hosted keys, overriding the default of using | ||
741 | the built-in USB HID support. | ||
742 | |||
654 | FILES | 743 | FILES |
655 | ~/.ssh/id_dsa | 744 | ~/.ssh/id_dsa |
656 | ~/.ssh/id_ecdsa | 745 | ~/.ssh/id_ecdsa |
746 | ~/.ssh/id_ecdsa_sk | ||
657 | ~/.ssh/id_ed25519 | 747 | ~/.ssh/id_ed25519 |
748 | ~/.ssh/id_ed25519_sk | ||
658 | ~/.ssh/id_rsa | 749 | ~/.ssh/id_rsa |
659 | Contains the DSA, ECDSA, Ed25519 or RSA authentication identity | 750 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
660 | of the user. This file should not be readable by anyone but the | 751 | authenticator-hosted Ed25519 or RSA authentication identity of |
752 | the user. This file should not be readable by anyone but the | ||
661 | user. It is possible to specify a passphrase when generating the | 753 | user. It is possible to specify a passphrase when generating the |
662 | key; that passphrase will be used to encrypt the private part of | 754 | key; that passphrase will be used to encrypt the private part of |
663 | this file using 128-bit AES. This file is not automatically | 755 | this file using 128-bit AES. This file is not automatically |
@@ -667,9 +759,12 @@ FILES | |||
667 | 759 | ||
668 | ~/.ssh/id_dsa.pub | 760 | ~/.ssh/id_dsa.pub |
669 | ~/.ssh/id_ecdsa.pub | 761 | ~/.ssh/id_ecdsa.pub |
762 | ~/.ssh/id_ecdsa_sk.pub | ||
670 | ~/.ssh/id_ed25519.pub | 763 | ~/.ssh/id_ed25519.pub |
764 | ~/.ssh/id_ed25519_sk.pub | ||
671 | ~/.ssh/id_rsa.pub | 765 | ~/.ssh/id_rsa.pub |
672 | Contains the DSA, ECDSA, Ed25519 or RSA public key for | 766 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
767 | authenticator-hosted Ed25519 or RSA public key for | ||
673 | authentication. The contents of this file should be added to | 768 | authentication. The contents of this file should be added to |
674 | ~/.ssh/authorized_keys on all machines where the user wishes to | 769 | ~/.ssh/authorized_keys on all machines where the user wishes to |
675 | log in using public key authentication. There is no need to keep | 770 | log in using public key authentication. There is no need to keep |
@@ -691,4 +786,4 @@ AUTHORS | |||
691 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 786 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
692 | versions 1.5 and 2.0. | 787 | versions 1.5 and 2.0. |
693 | 788 | ||
694 | OpenBSD 6.6 October 3, 2019 OpenBSD 6.6 | 789 | OpenBSD 6.6 February 7, 2020 OpenBSD 6.6 |