diff options
| author | Damien Miller <djm@mindrot.org> | 2010-02-12 09:21:02 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-02-12 09:21:02 +1100 |
| commit | 7ea845e48df6d34a333ebbe79380cba0938d02a5 (patch) | |
| tree | 44ab0d3fdfe0560b7ca92f5747e9dd5d012aea18 /ssh-keygen.1 | |
| parent | 17751bcab25681d341442fdc2386a30a6bea345e (diff) | |
- markus@cvs.openbsd.org 2010/02/08 10:50:20
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
replace our obsolete smartcard code with PKCS#11.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
provider (shared library) while ssh-agent(1) delegates PKCS#11 to
a forked a ssh-pkcs11-helper process.
PKCS#11 is currently a compile time option.
feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
Diffstat (limited to 'ssh-keygen.1')
| -rw-r--r-- | ssh-keygen.1 | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 9e59c16f7..7dc76976a 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: ssh-keygen.1,v 1.80 2009/10/24 00:48:34 dtucker Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.81 2010/02/08 10:50:20 markus Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" -*- nroff -*- | 3 | .\" -*- nroff -*- |
| 4 | .\" | 4 | .\" |
| @@ -37,7 +37,7 @@ | |||
| 37 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 37 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 38 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 38 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 39 | .\" | 39 | .\" |
| 40 | .Dd $Mdocdate: October 24 2009 $ | 40 | .Dd $Mdocdate: February 8 2010 $ |
| 41 | .Dt SSH-KEYGEN 1 | 41 | .Dt SSH-KEYGEN 1 |
| 42 | .Os | 42 | .Os |
| 43 | .Sh NAME | 43 | .Sh NAME |
| @@ -201,9 +201,10 @@ Requests changing the comment in the private and public key files. | |||
| 201 | This operation is only supported for RSA1 keys. | 201 | This operation is only supported for RSA1 keys. |
| 202 | The program will prompt for the file containing the private keys, for | 202 | The program will prompt for the file containing the private keys, for |
| 203 | the passphrase if the key has one, and for the new comment. | 203 | the passphrase if the key has one, and for the new comment. |
| 204 | .It Fl D Ar reader | 204 | .It Fl D Ar pkcs11 |
| 205 | Download the RSA public key stored in the smartcard in | 205 | Download the RSA public keys stored in the |
| 206 | .Ar reader . | 206 | .Ar pkcs11 |
| 207 | provider. | ||
| 207 | .It Fl e | 208 | .It Fl e |
| 208 | This option will read a private or public OpenSSH key file and | 209 | This option will read a private or public OpenSSH key file and |
| 209 | print the key in | 210 | print the key in |
| @@ -313,9 +314,6 @@ for protocol version 1 and | |||
| 313 | or | 314 | or |
| 314 | .Dq dsa | 315 | .Dq dsa |
| 315 | for protocol version 2. | 316 | for protocol version 2. |
| 316 | .It Fl U Ar reader | ||
| 317 | Upload an existing RSA private key into the smartcard in | ||
| 318 | .Ar reader . | ||
| 319 | .It Fl v | 317 | .It Fl v |
| 320 | Verbose mode. | 318 | Verbose mode. |
| 321 | Causes | 319 | Causes |