diff options
| author | jmc@openbsd.org <jmc@openbsd.org> | 2020-02-03 08:15:37 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-02-04 10:00:18 +1100 |
| commit | 072f3b832d2a4db8d9880effcb6c4d0dad676504 (patch) | |
| tree | 274f0ce59b7ae80e50cebdd0d4109463ba79847c /ssh-keygen.1 | |
| parent | 262eb05a22cb1fabc3bc1746c220566490b80229 (diff) | |
upstream: use better markup for challenge and write-attestation, and
rejig the challenge text a little;
ok djm
OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
Diffstat (limited to 'ssh-keygen.1')
| -rw-r--r-- | ssh-keygen.1 | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 3494fbceb..f0e76aab1 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: ssh-keygen.1,v 1.198 2020/02/02 07:36:50 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.199 2020/02/03 08:15:37 jmc Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -35,7 +35,7 @@ | |||
| 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 37 | .\" | 37 | .\" |
| 38 | .Dd $Mdocdate: February 2 2020 $ | 38 | .Dd $Mdocdate: February 3 2020 $ |
| 39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
| 40 | .Os | 40 | .Os |
| 41 | .Sh NAME | 41 | .Sh NAME |
| @@ -472,14 +472,12 @@ Those supported at present are: | |||
| 472 | Override the default FIDO application/origin string of | 472 | Override the default FIDO application/origin string of |
| 473 | .Dq ssh: . | 473 | .Dq ssh: . |
| 474 | This may be useful when generating host or domain-specific resident keys. | 474 | This may be useful when generating host or domain-specific resident keys. |
| 475 | .It Cm challenge=path | 475 | .It Cm challenge Ns = Ns Ar path |
| 476 | Specifies a path to a challenge string that will be passed to the | 476 | Specifies a path to a challenge string that will be passed to the |
| 477 | FIDO token during key generation. | 477 | FIDO token during key generation. |
| 478 | The challenge string is optional, but may be used as part of an out-of-band | 478 | The challenge string may be used as part of an out-of-band |
| 479 | protocol for key enrollment. | 479 | protocol for key enrollment |
| 480 | If no | 480 | (a random challenge is used by default). |
| 481 | .Cm challenge | ||
| 482 | is specified, a random challenge is used. | ||
| 483 | .It Cm device | 481 | .It Cm device |
| 484 | Explicitly specify a | 482 | Explicitly specify a |
| 485 | .Xr fido 4 | 483 | .Xr fido 4 |
| @@ -502,7 +500,7 @@ A username to be associated with a resident key, | |||
| 502 | overriding the empty default username. | 500 | overriding the empty default username. |
| 503 | Specifying a username may be useful when generating multiple resident keys | 501 | Specifying a username may be useful when generating multiple resident keys |
| 504 | for the same application name. | 502 | for the same application name. |
| 505 | .It Cm write-attestation=path | 503 | .It Cm write-attestation Ns = Ns Ar path |
| 506 | May be used at key generation time to record the attestation certificate | 504 | May be used at key generation time to record the attestation certificate |
| 507 | returned from FIDO tokens during key generation. | 505 | returned from FIDO tokens during key generation. |
| 508 | By default this information is discarded. | 506 | By default this information is discarded. |