diff options
| author | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
| commit | c52a95cc4754e6630c96fe65ae0c65eb41d2c590 (patch) | |
| tree | 793395934013923b7b2426382c0676edcd4be3d4 /ssh-keygen.0 | |
| parent | eeff4de96f5d7365750dc56912c2c62b5c28db6b (diff) | |
| parent | 72b061d4ba0f909501c595d709ea76e06b01e5c9 (diff) | |
Import openssh_7.2p1.orig.tar.gz
Diffstat (limited to 'ssh-keygen.0')
| -rw-r--r-- | ssh-keygen.0 | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 07a45b36b..2b749ae9f 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
| @@ -31,8 +31,11 @@ SYNOPSIS | |||
| 31 | 31 | ||
| 32 | DESCRIPTION | 32 | DESCRIPTION |
| 33 | ssh-keygen generates, manages and converts authentication keys for | 33 | ssh-keygen generates, manages and converts authentication keys for |
| 34 | ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 | 34 | ssh(1). ssh-keygen can create keys for use by SSH protocol versions 1 |
| 35 | and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. | 35 | and 2. Protocol 1 should not be used and is only offered to support |
| 36 | legacy devices. It suffers from a number of cryptographic weaknesses and | ||
| 37 | doesn't support many of the advanced features available for protocol 2. | ||
| 38 | |||
| 36 | The type of key to be generated is specified with the -t option. If | 39 | The type of key to be generated is specified with the -t option. If |
| 37 | invoked without any arguments, ssh-keygen will generate an RSA key for | 40 | invoked without any arguments, ssh-keygen will generate an RSA key for |
| 38 | use in SSH protocol 2 connections. | 41 | use in SSH protocol 2 connections. |
| @@ -194,7 +197,7 @@ DESCRIPTION | |||
| 194 | file or using the format described in the KEY REVOCATION LISTS | 197 | file or using the format described in the KEY REVOCATION LISTS |
| 195 | section. | 198 | section. |
| 196 | 199 | ||
| 197 | -L Prints the contents of a certificate. | 200 | -L Prints the contents of one or more certificates. |
| 198 | 201 | ||
| 199 | -l Show fingerprint of specified public key file. Private RSA1 keys | 202 | -l Show fingerprint of specified public key file. Private RSA1 keys |
| 200 | are also supported. For RSA and DSA keys ssh-keygen tries to | 203 | are also supported. For RSA and DSA keys ssh-keygen tries to |
| @@ -275,11 +278,11 @@ DESCRIPTION | |||
| 275 | 278 | ||
| 276 | At present, no options are valid for host keys. | 279 | At present, no options are valid for host keys. |
| 277 | 280 | ||
| 278 | -o Causes ssh-keygen to save SSH protocol 2 private keys using the | 281 | -o Causes ssh-keygen to save private keys using the new OpenSSH |
| 279 | new OpenSSH format rather than the more compatible PEM format. | 282 | format rather than the more compatible PEM format. The new |
| 280 | The new format has increased resistance to brute-force password | 283 | format has increased resistance to brute-force password cracking |
| 281 | cracking but is not supported by versions of OpenSSH prior to | 284 | but is not supported by versions of OpenSSH prior to 6.5. |
| 282 | 6.5. Ed25519 keys always use the new private key format. | 285 | Ed25519 keys always use the new private key format. |
| 283 | 286 | ||
| 284 | -P passphrase | 287 | -P passphrase |
| 285 | Provides the (old) passphrase. | 288 | Provides the (old) passphrase. |
| @@ -502,7 +505,7 @@ KEY REVOCATION LISTS | |||
| 502 | 505 | ||
| 503 | It is also possible, given a KRL, to test whether it revokes a particular | 506 | It is also possible, given a KRL, to test whether it revokes a particular |
| 504 | key (or keys). The -Q flag will query an existing KRL, testing each key | 507 | key (or keys). The -Q flag will query an existing KRL, testing each key |
| 505 | specified on the commandline. If any key listed on the command line has | 508 | specified on the command line. If any key listed on the command line has |
| 506 | been revoked (or an error encountered) then ssh-keygen will exit with a | 509 | been revoked (or an error encountered) then ssh-keygen will exit with a |
| 507 | non-zero exit status. A zero exit status will only be returned if no key | 510 | non-zero exit status. A zero exit status will only be returned if no key |
| 508 | was revoked. | 511 | was revoked. |
| @@ -563,4 +566,4 @@ AUTHORS | |||
| 563 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 566 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
| 564 | versions 1.5 and 2.0. | 567 | versions 1.5 and 2.0. |
| 565 | 568 | ||
| 566 | OpenBSD 5.8 August 20, 2015 OpenBSD 5.8 | 569 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 |