diff options
author | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-02-29 12:15:15 +0000 |
commit | c52a95cc4754e6630c96fe65ae0c65eb41d2c590 (patch) | |
tree | 793395934013923b7b2426382c0676edcd4be3d4 /ssh-keygen.0 | |
parent | eeff4de96f5d7365750dc56912c2c62b5c28db6b (diff) | |
parent | 72b061d4ba0f909501c595d709ea76e06b01e5c9 (diff) |
Import openssh_7.2p1.orig.tar.gz
Diffstat (limited to 'ssh-keygen.0')
-rw-r--r-- | ssh-keygen.0 | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 07a45b36b..2b749ae9f 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -31,8 +31,11 @@ SYNOPSIS | |||
31 | 31 | ||
32 | DESCRIPTION | 32 | DESCRIPTION |
33 | ssh-keygen generates, manages and converts authentication keys for | 33 | ssh-keygen generates, manages and converts authentication keys for |
34 | ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 | 34 | ssh(1). ssh-keygen can create keys for use by SSH protocol versions 1 |
35 | and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. | 35 | and 2. Protocol 1 should not be used and is only offered to support |
36 | legacy devices. It suffers from a number of cryptographic weaknesses and | ||
37 | doesn't support many of the advanced features available for protocol 2. | ||
38 | |||
36 | The type of key to be generated is specified with the -t option. If | 39 | The type of key to be generated is specified with the -t option. If |
37 | invoked without any arguments, ssh-keygen will generate an RSA key for | 40 | invoked without any arguments, ssh-keygen will generate an RSA key for |
38 | use in SSH protocol 2 connections. | 41 | use in SSH protocol 2 connections. |
@@ -194,7 +197,7 @@ DESCRIPTION | |||
194 | file or using the format described in the KEY REVOCATION LISTS | 197 | file or using the format described in the KEY REVOCATION LISTS |
195 | section. | 198 | section. |
196 | 199 | ||
197 | -L Prints the contents of a certificate. | 200 | -L Prints the contents of one or more certificates. |
198 | 201 | ||
199 | -l Show fingerprint of specified public key file. Private RSA1 keys | 202 | -l Show fingerprint of specified public key file. Private RSA1 keys |
200 | are also supported. For RSA and DSA keys ssh-keygen tries to | 203 | are also supported. For RSA and DSA keys ssh-keygen tries to |
@@ -275,11 +278,11 @@ DESCRIPTION | |||
275 | 278 | ||
276 | At present, no options are valid for host keys. | 279 | At present, no options are valid for host keys. |
277 | 280 | ||
278 | -o Causes ssh-keygen to save SSH protocol 2 private keys using the | 281 | -o Causes ssh-keygen to save private keys using the new OpenSSH |
279 | new OpenSSH format rather than the more compatible PEM format. | 282 | format rather than the more compatible PEM format. The new |
280 | The new format has increased resistance to brute-force password | 283 | format has increased resistance to brute-force password cracking |
281 | cracking but is not supported by versions of OpenSSH prior to | 284 | but is not supported by versions of OpenSSH prior to 6.5. |
282 | 6.5. Ed25519 keys always use the new private key format. | 285 | Ed25519 keys always use the new private key format. |
283 | 286 | ||
284 | -P passphrase | 287 | -P passphrase |
285 | Provides the (old) passphrase. | 288 | Provides the (old) passphrase. |
@@ -502,7 +505,7 @@ KEY REVOCATION LISTS | |||
502 | 505 | ||
503 | It is also possible, given a KRL, to test whether it revokes a particular | 506 | It is also possible, given a KRL, to test whether it revokes a particular |
504 | key (or keys). The -Q flag will query an existing KRL, testing each key | 507 | key (or keys). The -Q flag will query an existing KRL, testing each key |
505 | specified on the commandline. If any key listed on the command line has | 508 | specified on the command line. If any key listed on the command line has |
506 | been revoked (or an error encountered) then ssh-keygen will exit with a | 509 | been revoked (or an error encountered) then ssh-keygen will exit with a |
507 | non-zero exit status. A zero exit status will only be returned if no key | 510 | non-zero exit status. A zero exit status will only be returned if no key |
508 | was revoked. | 511 | was revoked. |
@@ -563,4 +566,4 @@ AUTHORS | |||
563 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 566 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
564 | versions 1.5 and 2.0. | 567 | versions 1.5 and 2.0. |
565 | 568 | ||
566 | OpenBSD 5.8 August 20, 2015 OpenBSD 5.8 | 569 | OpenBSD 5.9 February 17, 2016 OpenBSD 5.9 |