diff options
author | Damien Miller <djm@mindrot.org> | 2010-07-02 13:35:01 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-07-02 13:35:01 +1000 |
commit | 44b25040110a224a79ff371ee548be9a10ba8bfa (patch) | |
tree | 19e7e606355d900658326870a984fac97e6d3940 /ssh-keygen.1 | |
parent | b96c441ee2e4d8ffae756d0d74e2777149c91067 (diff) |
- djm@cvs.openbsd.org 2010/06/29 23:15:30
[ssh-keygen.1 ssh-keygen.c]
allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
bz#1749; ok markus@
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 47 |
1 files changed, 34 insertions, 13 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 26ae31f5e..0d62255ba 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.95 2010/06/29 23:15:30 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
4 | .\" | 4 | .\" |
@@ -37,7 +37,7 @@ | |||
37 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 37 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
38 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 38 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
39 | .\" | 39 | .\" |
40 | .Dd $Mdocdate: April 16 2010 $ | 40 | .Dd $Mdocdate: June 29 2010 $ |
41 | .Dt SSH-KEYGEN 1 | 41 | .Dt SSH-KEYGEN 1 |
42 | .Os | 42 | .Os |
43 | .Sh NAME | 43 | .Sh NAME |
@@ -59,9 +59,11 @@ | |||
59 | .Op Fl f Ar keyfile | 59 | .Op Fl f Ar keyfile |
60 | .Nm ssh-keygen | 60 | .Nm ssh-keygen |
61 | .Fl i | 61 | .Fl i |
62 | .Op Fl m Ar key_format | ||
62 | .Op Fl f Ar input_keyfile | 63 | .Op Fl f Ar input_keyfile |
63 | .Nm ssh-keygen | 64 | .Nm ssh-keygen |
64 | .Fl e | 65 | .Fl e |
66 | .Op Fl m Ar key_format | ||
65 | .Op Fl f Ar input_keyfile | 67 | .Op Fl f Ar input_keyfile |
66 | .Nm ssh-keygen | 68 | .Nm ssh-keygen |
67 | .Fl y | 69 | .Fl y |
@@ -215,11 +217,13 @@ Download the RSA public keys provided by the PKCS#11 shared library | |||
215 | .Ar pkcs11 . | 217 | .Ar pkcs11 . |
216 | .It Fl e | 218 | .It Fl e |
217 | This option will read a private or public OpenSSH key file and | 219 | This option will read a private or public OpenSSH key file and |
218 | print the key in | 220 | print to stdout the key in one of the formats specified by the |
219 | RFC 4716 SSH Public Key File Format | 221 | .Fl m |
220 | to stdout. | 222 | option. |
221 | This option allows exporting keys for use by several commercial | 223 | The default export format is |
222 | SSH implementations. | 224 | .Dq RFC4716 . |
225 | This option allows exporting OpenSSH key for use by other programs, including | ||
226 | several commercial SSH implementations. | ||
223 | .It Fl F Ar hostname | 227 | .It Fl F Ar hostname |
224 | Search for the specified | 228 | Search for the specified |
225 | .Ar hostname | 229 | .Ar hostname |
@@ -270,13 +274,14 @@ Please see the | |||
270 | section for details. | 274 | section for details. |
271 | .It Fl i | 275 | .It Fl i |
272 | This option will read an unencrypted private (or public) key file | 276 | This option will read an unencrypted private (or public) key file |
273 | in SSH2-compatible format and print an OpenSSH compatible private | 277 | in the format specified by the |
278 | .Fl m | ||
279 | option and print an OpenSSH compatible private | ||
274 | (or public) key to stdout. | 280 | (or public) key to stdout. |
275 | .Nm | 281 | This option allows importing keys from other software, including several |
276 | also reads the | 282 | commercial SSH implementations. |
277 | RFC 4716 SSH Public Key File Format. | 283 | The default import format is |
278 | This option allows importing keys from several commercial | 284 | .Dq RFC4716 . |
279 | SSH implementations. | ||
280 | .It Fl L | 285 | .It Fl L |
281 | Prints the contents of a certificate. | 286 | Prints the contents of a certificate. |
282 | .It Fl l | 287 | .It Fl l |
@@ -288,6 +293,22 @@ tries to find the matching public key file and prints its fingerprint. | |||
288 | If combined with | 293 | If combined with |
289 | .Fl v , | 294 | .Fl v , |
290 | an ASCII art representation of the key is supplied with the fingerprint. | 295 | an ASCII art representation of the key is supplied with the fingerprint. |
296 | .It Fl m Ar key_format | ||
297 | Specify a key format for the | ||
298 | .Fl i | ||
299 | (import) or | ||
300 | .Fl e | ||
301 | (export) coversion options. | ||
302 | The supported key formats are: | ||
303 | .Dq RFC4716 | ||
304 | (RFC4716/SSH2 public or private key), | ||
305 | .Dq PKCS8 | ||
306 | (PEM PKCS8 public key) | ||
307 | or | ||
308 | .Dq PEM | ||
309 | (PEM public key). | ||
310 | The default conversion format is | ||
311 | .Dq RFC4716 . | ||
291 | .It Fl M Ar memory | 312 | .It Fl M Ar memory |
292 | Specify the amount of memory to use (in megabytes) when generating | 313 | Specify the amount of memory to use (in megabytes) when generating |
293 | candidate moduli for DH-GEX. | 314 | candidate moduli for DH-GEX. |