diff options
author | Damien Miller <djm@mindrot.org> | 2010-04-18 08:08:03 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-04-18 08:08:03 +1000 |
commit | 1f181425e9c66781043c205339098c1b89aaac70 (patch) | |
tree | bdbb2a08f5ffdc068fd41a05be2677ca36465815 /ssh-keygen.1 | |
parent | c4eddee1b7281dc076f8539569ca78291dde8103 (diff) |
- jmc@cvs.openbsd.org 2010/04/16 06:47:04
[ssh-keygen.1 ssh-keygen.c]
tweak previous; ok djm
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index aacd4d3dc..26ae31f5e 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.93 2010/04/16 01:47:26 djm Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
4 | .\" | 4 | .\" |
@@ -506,7 +506,7 @@ that both ends of a connection share common moduli. | |||
506 | supports signing of keys to produce certificates that may be used for | 506 | supports signing of keys to produce certificates that may be used for |
507 | user or host authentication. | 507 | user or host authentication. |
508 | Certificates consist of a public key, some identity information, zero or | 508 | Certificates consist of a public key, some identity information, zero or |
509 | more principal (user or host) names and an optional set of options that | 509 | more principal (user or host) names and a set of options that |
510 | are signed by a Certification Authority (CA) key. | 510 | are signed by a Certification Authority (CA) key. |
511 | Clients or servers may then trust only the CA key and verify its signature | 511 | Clients or servers may then trust only the CA key and verify its signature |
512 | on a certificate rather than trusting many user/host keys. | 512 | on a certificate rather than trusting many user/host keys. |
@@ -546,7 +546,7 @@ To generate a certificate for a specified set of principals: | |||
546 | .Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" | 546 | .Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" |
547 | .Pp | 547 | .Pp |
548 | Additional limitations on the validity and use of user certificates may | 548 | Additional limitations on the validity and use of user certificates may |
549 | be specified through certificate options.. | 549 | be specified through certificate options. |
550 | A certificate option may disable features of the SSH session, may be | 550 | A certificate option may disable features of the SSH session, may be |
551 | valid only when presented from particular source addresses or may | 551 | valid only when presented from particular source addresses or may |
552 | force the use of a specific command. | 552 | force the use of a specific command. |