- djm@cvs.openbsd.org 2010/06/29 23:15:30

[ssh-keygen.1 ssh-keygen.c] allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys; bz#1749; ok markus@
author: Damien Miller <djm@mindrot.org> 2010-07-02 13:35:01 +1000
committer: Damien Miller <djm@mindrot.org> 2010-07-02 13:35:01 +1000
commit: 44b25040110a224a79ff371ee548be9a10ba8bfa (patch)
tree: 19e7e606355d900658326870a984fac97e6d3940 /ssh-keygen.1
parent: b96c441ee2e4d8ffae756d0d74e2777149c91067 (diff)
1 files changed, 34 insertions, 13 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 26ae31f5e..0d62255ba 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.95 2010/06/29 23:15:30 djm Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: April 16 2010 $
+.Dd $Mdocdate: June 29 2010 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -59,9 +59,11 @@
 .Op Fl f Ar keyfile
 .Nm ssh-keygen
 .Fl i
+.Op Fl m Ar key_format
 .Op Fl f Ar input_keyfile
 .Nm ssh-keygen
 .Fl e
+.Op Fl m Ar key_format
 .Op Fl f Ar input_keyfile
 .Nm ssh-keygen
 .Fl y
@@ -215,11 +217,13 @@ Download the RSA public keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl e
 This option will read a private or public OpenSSH key file and
-print the key in
+print to stdout the key in one of the formats specified by the
-RFC 4716 SSH Public Key File Format
+.Fl m
-to stdout.
+option.
-This option allows exporting keys for use by several commercial
+The default export format is
-SSH implementations.
+.Dq RFC4716 .
+This option allows exporting OpenSSH key for use by other programs, including
+several commercial SSH implementations.
 .It Fl F Ar hostname
 Search for the specified
 .Ar hostname
@@ -270,13 +274,14 @@ Please see the
 section for details.
 .It Fl i
 This option will read an unencrypted private (or public) key file
-in SSH2-compatible format and print an OpenSSH compatible private
+in the format specified by the
+.Fl m
+option and print an OpenSSH compatible private
 (or public) key to stdout.
-.Nm
+This option allows importing keys from other software, including several
-also reads the
+commercial SSH implementations.
-RFC 4716 SSH Public Key File Format.
+The default import format is
-This option allows importing keys from several commercial
+.Dq RFC4716 .
-SSH implementations.
 .It Fl L
 Prints the contents of a certificate.
 .It Fl l
@@ -288,6 +293,22 @@ tries to find the matching public key file and prints its fingerprint.
 If combined with
 .Fl v ,
 an ASCII art representation of the key is supplied with the fingerprint.
+.It Fl m Ar key_format
+Specify a key format for the
+.Fl i
+(import) or
+.Fl e
+(export) coversion options.
+The supported key formats are:
+.Dq RFC4716
+(RFC4716/SSH2 public or private key),
+.Dq PKCS8
+(PEM PKCS8 public key)
+or
+.Dq PEM
+(PEM public key).
+The default conversion format is
+.Dq RFC4716 .
 .It Fl M Ar memory
 Specify the amount of memory to use (in megabytes) when generating
 candidate moduli for DH-GEX.
author	Damien Miller <djm@mindrot.org>	2010-07-02 13:35:01 +1000
committer	Damien Miller <djm@mindrot.org>	2010-07-02 13:35:01 +1000
commit	44b25040110a224a79ff371ee548be9a10ba8bfa (patch)
tree	19e7e606355d900658326870a984fac97e6d3940 /ssh-keygen.1
parent	b96c441ee2e4d8ffae756d0d74e2777149c91067 (diff)

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 26ae31f5e..0d62255ba 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.95 2010/06/29 23:15:30 djm Exp $
2	.\"	2	.\"
3	.\" -- nroff --	3	.\" -- nroff --
4	.\"	4	.\"
@@ -37,7 +37,7 @@
37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39	.\"	39	.\"
40	.Dd $Mdocdate: April 16 2010 $	40	.Dd $Mdocdate: June 29 2010 $
41	.Dt SSH-KEYGEN 1	41	.Dt SSH-KEYGEN 1
42	.Os	42	.Os
43	.Sh NAME	43	.Sh NAME
@@ -59,9 +59,11 @@
59	.Op Fl f Ar keyfile	59	.Op Fl f Ar keyfile
60	.Nm ssh-keygen	60	.Nm ssh-keygen
61	.Fl i	61	.Fl i
		62	.Op Fl m Ar key_format
62	.Op Fl f Ar input_keyfile	63	.Op Fl f Ar input_keyfile
63	.Nm ssh-keygen	64	.Nm ssh-keygen
64	.Fl e	65	.Fl e
		66	.Op Fl m Ar key_format
65	.Op Fl f Ar input_keyfile	67	.Op Fl f Ar input_keyfile
66	.Nm ssh-keygen	68	.Nm ssh-keygen
67	.Fl y	69	.Fl y
@@ -215,11 +217,13 @@ Download the RSA public keys provided by the PKCS#11 shared library
215	.Ar pkcs11 .	217	.Ar pkcs11 .
216	.It Fl e	218	.It Fl e
217	This option will read a private or public OpenSSH key file and	219	This option will read a private or public OpenSSH key file and
218	print the key in	220	print to stdout the key in one of the formats specified by the
219	RFC 4716 SSH Public Key File Format	221	.Fl m
220	to stdout.	222	option.
221	This option allows exporting keys for use by several commercial	223	The default export format is
222	SSH implementations.	224	.Dq RFC4716 .
		225	This option allows exporting OpenSSH key for use by other programs, including
		226	several commercial SSH implementations.
223	.It Fl F Ar hostname	227	.It Fl F Ar hostname
224	Search for the specified	228	Search for the specified
225	.Ar hostname	229	.Ar hostname
@@ -270,13 +274,14 @@ Please see the
270	section for details.	274	section for details.
271	.It Fl i	275	.It Fl i
272	This option will read an unencrypted private (or public) key file	276	This option will read an unencrypted private (or public) key file
273	in SSH2-compatible format and print an OpenSSH compatible private	277	in the format specified by the
		278	.Fl m
		279	option and print an OpenSSH compatible private
274	(or public) key to stdout.	280	(or public) key to stdout.
275	.Nm	281	This option allows importing keys from other software, including several
276	also reads the	282	commercial SSH implementations.
277	RFC 4716 SSH Public Key File Format.	283	The default import format is
278	This option allows importing keys from several commercial	284	.Dq RFC4716 .
279	SSH implementations.
280	.It Fl L	285	.It Fl L
281	Prints the contents of a certificate.	286	Prints the contents of a certificate.
282	.It Fl l	287	.It Fl l
@@ -288,6 +293,22 @@ tries to find the matching public key file and prints its fingerprint.
288	If combined with	293	If combined with
289	.Fl v ,	294	.Fl v ,
290	an ASCII art representation of the key is supplied with the fingerprint.	295	an ASCII art representation of the key is supplied with the fingerprint.
		296	.It Fl m Ar key_format
		297	Specify a key format for the
		298	.Fl i
		299	(import) or
		300	.Fl e
		301	(export) coversion options.
		302	The supported key formats are:
		303	.Dq RFC4716
		304	(RFC4716/SSH2 public or private key),
		305	.Dq PKCS8
		306	(PEM PKCS8 public key)
		307	or
		308	.Dq PEM
		309	(PEM public key).
		310	The default conversion format is
		311	.Dq RFC4716 .
291	.It Fl M Ar memory	312	.It Fl M Ar memory
292	Specify the amount of memory to use (in megabytes) when generating	313	Specify the amount of memory to use (in megabytes) when generating
293	candidate moduli for DH-GEX.	314	candidate moduli for DH-GEX.