- jmc@cvs.openbsd.org 2012/08/15 18:25:50

[ssh-keygen.1] a little more info on certificate validity; requested by Ross L Richardson, and provided by djm
author: Darren Tucker <dtucker@zip.com.au> 2012-09-06 21:18:11 +1000
committer: Darren Tucker <dtucker@zip.com.au> 2012-09-06 21:18:11 +1000
commit: 3ee50c5d9f95cd40df403cf1a91fdaffefa21cc5 (patch)
tree: 6278a023f595a9c1dc0b9a4a456d9e109d40a412 /ssh-keygen.1
parent: 23e4b80a6085bddea80e2e64b4df99dd4931b1ea (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 03f927edf..1d5564640 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.109 2012/07/06 00:41:59 dtucker Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.110 2012/08/15 18:25:50 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 6 2012 $
+.Dd $Mdocdate: August 15 2012 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -628,7 +628,9 @@ The
 option allows specification of certificate start and end times.
 A certificate that is presented at a time outside this range will not be
 considered valid.
-By default, certificates have a maximum validity interval.
+By default, certificates are valid from
+.Ux
+Epoch to the distant future.
 .Pp
 For certificates to be used for user or host authentication, the CA
 public key must be trusted by
author	Darren Tucker <dtucker@zip.com.au>	2012-09-06 21:18:11 +1000
committer	Darren Tucker <dtucker@zip.com.au>	2012-09-06 21:18:11 +1000
commit	3ee50c5d9f95cd40df403cf1a91fdaffefa21cc5 (patch)
tree	6278a023f595a9c1dc0b9a4a456d9e109d40a412 /ssh-keygen.1
parent	23e4b80a6085bddea80e2e64b4df99dd4931b1ea (diff)

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 03f927edf..1d5564640 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.109 2012/07/06 00:41:59 dtucker Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.110 2012/08/15 18:25:50 jmc Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37	.\"	37	.\"
38	.Dd $Mdocdate: July 6 2012 $	38	.Dd $Mdocdate: August 15 2012 $
39	.Dt SSH-KEYGEN 1	39	.Dt SSH-KEYGEN 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -628,7 +628,9 @@ The
628	option allows specification of certificate start and end times.	628	option allows specification of certificate start and end times.
629	A certificate that is presented at a time outside this range will not be	629	A certificate that is presented at a time outside this range will not be
630	considered valid.	630	considered valid.
631	By default, certificates have a maximum validity interval.	631	By default, certificates are valid from
		632	.Ux
		633	Epoch to the distant future.
632	.Pp	634	.Pp
633	For certificates to be used for user or host authentication, the CA	635	For certificates to be used for user or host authentication, the CA
634	public key must be trusted by	636	public key must be trusted by