diff options
author | naddy@openbsd.org <naddy@openbsd.org> | 2019-12-21 20:22:34 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-30 14:31:40 +1100 |
commit | 141df487ba699cfd1ec3dcd98186e7c956e99024 (patch) | |
tree | d759e3195bf74db1bf1673c563dd24450fcc4c50 /ssh-keygen.1 | |
parent | fbd9729d4eadf2f7097b6017156387ac64302453 (diff) |
upstream: Replace the term "security key" with "(FIDO)
authenticator".
The polysemous use of "key" was too confusing. Input from markus@.
ok jmc@
OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 1b77bdf6d..e48597388 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.179 2019/11/30 07:07:59 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.180 2019/12/21 20:22:34 naddy Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: November 30 2019 $ | 38 | .Dd $Mdocdate: December 21 2019 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -537,7 +537,7 @@ Allows X11 forwarding. | |||
537 | .It Ic no-touch-required | 537 | .It Ic no-touch-required |
538 | Do not require signatures made using this key require demonstration | 538 | Do not require signatures made using this key require demonstration |
539 | of user presence (e.g. by having the user touch the key). | 539 | of user presence (e.g. by having the user touch the key). |
540 | This option only makes sense for the Security Key algorithms | 540 | This option only makes sense for the FIDO authenticator algorithms |
541 | .Cm ecdsa-sk | 541 | .Cm ecdsa-sk |
542 | and | 542 | and |
543 | .Cm ed25519-sk . | 543 | .Cm ed25519-sk . |
@@ -673,11 +673,11 @@ The maximum is 3. | |||
673 | .It Fl W Ar generator | 673 | .It Fl W Ar generator |
674 | Specify desired generator when testing candidate moduli for DH-GEX. | 674 | Specify desired generator when testing candidate moduli for DH-GEX. |
675 | .It Fl w Ar provider | 675 | .It Fl w Ar provider |
676 | Specifies a path to a security key provider library that will be used when | 676 | Specifies a path to a library that will be used when creating |
677 | creating any security key-hosted keys, overriding the default of the | 677 | FIDO authenticator-hosted keys, overriding the default of using |
678 | internal support for USB HID keys. | 678 | the internal USB HID support. |
679 | .It Fl x Ar flags | 679 | .It Fl x Ar flags |
680 | Specifies the security key flags to use when enrolling a security key-hosted | 680 | Specifies the authenticator flags to use when enrolling an authenticator-hosted |
681 | key. | 681 | key. |
682 | Flags may be specified by name or directly as a hexadecimal value. | 682 | Flags may be specified by name or directly as a hexadecimal value. |
683 | Only one named flag is supported at present: | 683 | Only one named flag is supported at present: |
@@ -1053,8 +1053,7 @@ user2@example.com namespaces="file" ssh-ed25519 AAA41... | |||
1053 | .Sh ENVIRONMENT | 1053 | .Sh ENVIRONMENT |
1054 | .Bl -tag -width Ds | 1054 | .Bl -tag -width Ds |
1055 | .It Ev SSH_SK_PROVIDER | 1055 | .It Ev SSH_SK_PROVIDER |
1056 | Specifies the path to a security key provider library used to interact with | 1056 | Specifies the path to a library used to interact with FIDO authenticators. |
1057 | hardware security keys. | ||
1058 | .El | 1057 | .El |
1059 | .Sh FILES | 1058 | .Sh FILES |
1060 | .Bl -tag -width Ds -compact | 1059 | .Bl -tag -width Ds -compact |
@@ -1064,8 +1063,8 @@ hardware security keys. | |||
1064 | .It Pa ~/.ssh/id_ed25519 | 1063 | .It Pa ~/.ssh/id_ed25519 |
1065 | .It Pa ~/.ssh/id_ed25519_sk | 1064 | .It Pa ~/.ssh/id_ed25519_sk |
1066 | .It Pa ~/.ssh/id_rsa | 1065 | .It Pa ~/.ssh/id_rsa |
1067 | Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519, | 1066 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
1068 | security key-hosted Ed25519 or RSA authentication identity of the user. | 1067 | authenticator-hosted Ed25519 or RSA authentication identity of the user. |
1069 | This file should not be readable by anyone but the user. | 1068 | This file should not be readable by anyone but the user. |
1070 | It is possible to | 1069 | It is possible to |
1071 | specify a passphrase when generating the key; that passphrase will be | 1070 | specify a passphrase when generating the key; that passphrase will be |
@@ -1082,8 +1081,8 @@ will read this file when a login attempt is made. | |||
1082 | .It Pa ~/.ssh/id_ed25519.pub | 1081 | .It Pa ~/.ssh/id_ed25519.pub |
1083 | .It Pa ~/.ssh/id_ed25519_sk.pub | 1082 | .It Pa ~/.ssh/id_ed25519_sk.pub |
1084 | .It Pa ~/.ssh/id_rsa.pub | 1083 | .It Pa ~/.ssh/id_rsa.pub |
1085 | Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519, | 1084 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
1086 | security key-hosted Ed25519 or RSA public key for authentication. | 1085 | authenticator-hosted Ed25519 or RSA public key for authentication. |
1087 | The contents of this file should be added to | 1086 | The contents of this file should be added to |
1088 | .Pa ~/.ssh/authorized_keys | 1087 | .Pa ~/.ssh/authorized_keys |
1089 | on all machines | 1088 | on all machines |