diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-12-21 20:22:34 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-12-30 14:31:40 +1100 |
| commit | 141df487ba699cfd1ec3dcd98186e7c956e99024 (patch) | |
| tree | d759e3195bf74db1bf1673c563dd24450fcc4c50 /ssh-keygen.1 | |
| parent | fbd9729d4eadf2f7097b6017156387ac64302453 (diff) | |
upstream: Replace the term "security key" with "(FIDO)
authenticator".
The polysemous use of "key" was too confusing. Input from markus@.
ok jmc@
OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
Diffstat (limited to 'ssh-keygen.1')
| -rw-r--r-- | ssh-keygen.1 | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 1b77bdf6d..e48597388 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: ssh-keygen.1,v 1.179 2019/11/30 07:07:59 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.180 2019/12/21 20:22:34 naddy Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -35,7 +35,7 @@ | |||
| 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 37 | .\" | 37 | .\" |
| 38 | .Dd $Mdocdate: November 30 2019 $ | 38 | .Dd $Mdocdate: December 21 2019 $ |
| 39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
| 40 | .Os | 40 | .Os |
| 41 | .Sh NAME | 41 | .Sh NAME |
| @@ -537,7 +537,7 @@ Allows X11 forwarding. | |||
| 537 | .It Ic no-touch-required | 537 | .It Ic no-touch-required |
| 538 | Do not require signatures made using this key require demonstration | 538 | Do not require signatures made using this key require demonstration |
| 539 | of user presence (e.g. by having the user touch the key). | 539 | of user presence (e.g. by having the user touch the key). |
| 540 | This option only makes sense for the Security Key algorithms | 540 | This option only makes sense for the FIDO authenticator algorithms |
| 541 | .Cm ecdsa-sk | 541 | .Cm ecdsa-sk |
| 542 | and | 542 | and |
| 543 | .Cm ed25519-sk . | 543 | .Cm ed25519-sk . |
| @@ -673,11 +673,11 @@ The maximum is 3. | |||
| 673 | .It Fl W Ar generator | 673 | .It Fl W Ar generator |
| 674 | Specify desired generator when testing candidate moduli for DH-GEX. | 674 | Specify desired generator when testing candidate moduli for DH-GEX. |
| 675 | .It Fl w Ar provider | 675 | .It Fl w Ar provider |
| 676 | Specifies a path to a security key provider library that will be used when | 676 | Specifies a path to a library that will be used when creating |
| 677 | creating any security key-hosted keys, overriding the default of the | 677 | FIDO authenticator-hosted keys, overriding the default of using |
| 678 | internal support for USB HID keys. | 678 | the internal USB HID support. |
| 679 | .It Fl x Ar flags | 679 | .It Fl x Ar flags |
| 680 | Specifies the security key flags to use when enrolling a security key-hosted | 680 | Specifies the authenticator flags to use when enrolling an authenticator-hosted |
| 681 | key. | 681 | key. |
| 682 | Flags may be specified by name or directly as a hexadecimal value. | 682 | Flags may be specified by name or directly as a hexadecimal value. |
| 683 | Only one named flag is supported at present: | 683 | Only one named flag is supported at present: |
| @@ -1053,8 +1053,7 @@ user2@example.com namespaces="file" ssh-ed25519 AAA41... | |||
| 1053 | .Sh ENVIRONMENT | 1053 | .Sh ENVIRONMENT |
| 1054 | .Bl -tag -width Ds | 1054 | .Bl -tag -width Ds |
| 1055 | .It Ev SSH_SK_PROVIDER | 1055 | .It Ev SSH_SK_PROVIDER |
| 1056 | Specifies the path to a security key provider library used to interact with | 1056 | Specifies the path to a library used to interact with FIDO authenticators. |
| 1057 | hardware security keys. | ||
| 1058 | .El | 1057 | .El |
| 1059 | .Sh FILES | 1058 | .Sh FILES |
| 1060 | .Bl -tag -width Ds -compact | 1059 | .Bl -tag -width Ds -compact |
| @@ -1064,8 +1063,8 @@ hardware security keys. | |||
| 1064 | .It Pa ~/.ssh/id_ed25519 | 1063 | .It Pa ~/.ssh/id_ed25519 |
| 1065 | .It Pa ~/.ssh/id_ed25519_sk | 1064 | .It Pa ~/.ssh/id_ed25519_sk |
| 1066 | .It Pa ~/.ssh/id_rsa | 1065 | .It Pa ~/.ssh/id_rsa |
| 1067 | Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519, | 1066 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
| 1068 | security key-hosted Ed25519 or RSA authentication identity of the user. | 1067 | authenticator-hosted Ed25519 or RSA authentication identity of the user. |
| 1069 | This file should not be readable by anyone but the user. | 1068 | This file should not be readable by anyone but the user. |
| 1070 | It is possible to | 1069 | It is possible to |
| 1071 | specify a passphrase when generating the key; that passphrase will be | 1070 | specify a passphrase when generating the key; that passphrase will be |
| @@ -1082,8 +1081,8 @@ will read this file when a login attempt is made. | |||
| 1082 | .It Pa ~/.ssh/id_ed25519.pub | 1081 | .It Pa ~/.ssh/id_ed25519.pub |
| 1083 | .It Pa ~/.ssh/id_ed25519_sk.pub | 1082 | .It Pa ~/.ssh/id_ed25519_sk.pub |
| 1084 | .It Pa ~/.ssh/id_rsa.pub | 1083 | .It Pa ~/.ssh/id_rsa.pub |
| 1085 | Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519, | 1084 | Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519, |
| 1086 | security key-hosted Ed25519 or RSA public key for authentication. | 1085 | authenticator-hosted Ed25519 or RSA public key for authentication. |
| 1087 | The contents of this file should be added to | 1086 | The contents of this file should be added to |
| 1088 | .Pa ~/.ssh/authorized_keys | 1087 | .Pa ~/.ssh/authorized_keys |
| 1089 | on all machines | 1088 | on all machines |