- deraadt@cvs.openbsd.org 2014/03/15 17:28:26

[ssh-agent.c ssh-keygen.1 ssh-keygen.c] Improve usage() and documentation towards the standard form. In particular, this line saves a lot of man page reading time. usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] [-N new_passphrase] [-C comment] [-f output_keyfile] ok schwarze jmc
author: Damien Miller <djm@mindrot.org> 2014-04-20 13:01:30 +1000
committer: Damien Miller <djm@mindrot.org> 2014-04-20 13:01:30 +1000
commit: f0858de6e1324ec730752387074b111b8551081e (patch)
tree: 99f994b3ec292ddcfa0f82386270f760810abe97 /ssh-keygen.c
parent: 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa (diff)
1 files changed, 28 insertions, 49 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 64d1a5f3c..75dea318f 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.242 2014/03/12 04:50:32 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.243 2014/03/15 17:28:26 deraadt Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2149,56 +2149,35 @@ do_check_krl(struct passwd *pw, int argc, char **argv)
 static void
 usage(void)
 {
-        fprintf(stderr, "usage: %s [options]\n", __progname);
+        fprintf(stderr,
-        fprintf(stderr, "Options:\n");
+            "usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]\n"
-        fprintf(stderr, "  -A          Generate non-existent host keys for all key types.\n");
+            "                  [-N new_passphrase] [-C comment] [-f output_keyfile]\n"
-        fprintf(stderr, "  -a number   Number of KDF rounds for new key format or moduli primality tests.\n");
+            "       ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n"
-        fprintf(stderr, "  -B          Show bubblebabble digest of key file.\n");
+            "       ssh-keygen -i [-m key_format] [-f input_keyfile]\n"
-        fprintf(stderr, "  -b bits     Number of bits in the key to create.\n");
+            "       ssh-keygen -e [-m key_format] [-f input_keyfile]\n"
-        fprintf(stderr, "  -C comment  Provide new comment.\n");
+            "       ssh-keygen -y [-f input_keyfile]\n"
-        fprintf(stderr, "  -c          Change comment in private and public key files.\n");
+            "       ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n"
+            "       ssh-keygen -l [-f input_keyfile]\n"
+            "       ssh-keygen -B [-f input_keyfile]\n");
 #ifdef ENABLE_PKCS11
-        fprintf(stderr, "  -D pkcs11   Download public key from pkcs11 token.\n");
+        fprintf(stderr,
+            "       ssh-keygen -D pkcs11\n");
 #endif
-        fprintf(stderr, "  -e          Export OpenSSH to foreign format key file.\n");
+        fprintf(stderr,
-        fprintf(stderr, "  -F hostname Find hostname in known hosts file.\n");
+            "       ssh-keygen -F hostname [-f known_hosts_file] [-l]\n"
-        fprintf(stderr, "  -f filename Filename of the key file.\n");
+            "       ssh-keygen -H [-f known_hosts_file]\n"
-        fprintf(stderr, "  -G file     Generate candidates for DH-GEX moduli.\n");
+            "       ssh-keygen -R hostname [-f known_hosts_file]\n"
-        fprintf(stderr, "  -g          Use generic DNS resource record format.\n");
+            "       ssh-keygen -r hostname [-f input_keyfile] [-g]\n"
-        fprintf(stderr, "  -H          Hash names in known_hosts file.\n");
+            "       ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]\n"
-        fprintf(stderr, "  -h          Generate host certificate instead of a user certificate.\n");
+            "       ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]\n"
-        fprintf(stderr, "  -I key_id   Key identifier to include in certificate.\n");
+            "                  [-j start_line] [-K checkpt] [-W generator]\n"
-        fprintf(stderr, "  -i          Import foreign format to OpenSSH key file.\n");
+            "       ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]\n"
-        fprintf(stderr, "  -J number   Screen this number of moduli lines.\n");
+            "                  [-O option] [-V validity_interval] [-z serial_number] file ...\n"
-        fprintf(stderr, "  -j number   Start screening moduli at specified line.\n");
+            "       ssh-keygen -L [-f input_keyfile]\n"
-        fprintf(stderr, "  -K checkpt  Write checkpoints to this file.\n");
+            "       ssh-keygen -A\n"
-        fprintf(stderr, "  -k          Generate a KRL file.\n");
+            "       ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n"
-        fprintf(stderr, "  -L          Print the contents of a certificate.\n");
+            "                  file ...\n"
-        fprintf(stderr, "  -l          Show fingerprint of key file.\n");
+            "       ssh-keygen -Q -f krl_file file ...\n");
-        fprintf(stderr, "  -M memory   Amount of memory (MB) to use for generating DH-GEX moduli.\n");
-        fprintf(stderr, "  -m key_fmt  Conversion format for -e/-i (PEM|PKCS8|RFC4716).\n");
-        fprintf(stderr, "  -N phrase   Provide new passphrase.\n");
-        fprintf(stderr, "  -n name,... User/host principal names to include in certificate\n");
-        fprintf(stderr, "  -O option   Specify a certificate option.\n");
-        fprintf(stderr, "  -o          Enforce new private key format.\n");
-        fprintf(stderr, "  -P phrase   Provide old passphrase.\n");
-        fprintf(stderr, "  -p          Change passphrase of private key file.\n");
-        fprintf(stderr, "  -Q          Test whether key(s) are revoked in KRL.\n");
-        fprintf(stderr, "  -q          Quiet.\n");
-        fprintf(stderr, "  -R hostname Remove host from known_hosts file.\n");
-        fprintf(stderr, "  -r hostname Print DNS resource record.\n");
-        fprintf(stderr, "  -S start    Start point (hex) for generating DH-GEX moduli.\n");
-        fprintf(stderr, "  -s ca_key   Certify keys with CA key.\n");
-        fprintf(stderr, "  -T file     Screen candidates for DH-GEX moduli.\n");
-        fprintf(stderr, "  -t type     Specify type of key to create.\n");
-        fprintf(stderr, "  -u          Update KRL rather than creating a new one.\n");
-        fprintf(stderr, "  -V from:to  Specify certificate validity interval.\n");
-        fprintf(stderr, "  -v          Verbose.\n");
-        fprintf(stderr, "  -W gen      Generator to use for generating DH-GEX moduli.\n");
-        fprintf(stderr, "  -y          Read private key file and print public key.\n");
-        fprintf(stderr, "  -Z cipher   Specify a cipher for new private key format.\n");
-        fprintf(stderr, "  -z serial   Specify a serial number.\n");
        exit(1);
 }
author	Damien Miller <djm@mindrot.org>	2014-04-20 13:01:30 +1000
committer	Damien Miller <djm@mindrot.org>	2014-04-20 13:01:30 +1000
commit	f0858de6e1324ec730752387074b111b8551081e (patch)
tree	99f994b3ec292ddcfa0f82386270f760810abe97 /ssh-keygen.c
parent	94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa (diff)

diff --git a/ssh-keygen.c b/ssh-keygen.c index 64d1a5f3c..75dea318f 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-keygen.c,v 1.242 2014/03/12 04:50:32 djm Exp $ */	1	/* $OpenBSD: ssh-keygen.c,v 1.243 2014/03/15 17:28:26 deraadt Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2149,56 +2149,35 @@ do_check_krl(struct passwd pw, int argc, char *argv)
2149	static void	2149	static void
2150	usage(void)	2150	usage(void)
2151	{	2151	{
2152	fprintf(stderr, "usage: %s [options]\n", __progname);	2152	fprintf(stderr,
2153	fprintf(stderr, "Options:\n");	2153	"usage: ssh-keygen [-q] [-b bits] [-t dsa \| ecdsa \| ed25519 \| rsa \| rsa1]\n"
2154	fprintf(stderr, " -A Generate non-existent host keys for all key types.\n");	2154	" [-N new_passphrase] [-C comment] [-f output_keyfile]\n"
2155	fprintf(stderr, " -a number Number of KDF rounds for new key format or moduli primality tests.\n");	2155	" ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]\n"
2156	fprintf(stderr, " -B Show bubblebabble digest of key file.\n");	2156	" ssh-keygen -i [-m key_format] [-f input_keyfile]\n"
2157	fprintf(stderr, " -b bits Number of bits in the key to create.\n");	2157	" ssh-keygen -e [-m key_format] [-f input_keyfile]\n"
2158	fprintf(stderr, " -C comment Provide new comment.\n");	2158	" ssh-keygen -y [-f input_keyfile]\n"
2159	fprintf(stderr, " -c Change comment in private and public key files.\n");	2159	" ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]\n"
		2160	" ssh-keygen -l [-f input_keyfile]\n"
		2161	" ssh-keygen -B [-f input_keyfile]\n");
2160	#ifdef ENABLE_PKCS11	2162	#ifdef ENABLE_PKCS11
2161	fprintf(stderr, " -D pkcs11 Download public key from pkcs11 token.\n");	2163	fprintf(stderr,
		2164	" ssh-keygen -D pkcs11\n");
2162	#endif	2165	#endif
2163	fprintf(stderr, " -e Export OpenSSH to foreign format key file.\n");	2166	fprintf(stderr,
2164	fprintf(stderr, " -F hostname Find hostname in known hosts file.\n");	2167	" ssh-keygen -F hostname [-f known_hosts_file] [-l]\n"
2165	fprintf(stderr, " -f filename Filename of the key file.\n");	2168	" ssh-keygen -H [-f known_hosts_file]\n"
2166	fprintf(stderr, " -G file Generate candidates for DH-GEX moduli.\n");	2169	" ssh-keygen -R hostname [-f known_hosts_file]\n"
2167	fprintf(stderr, " -g Use generic DNS resource record format.\n");	2170	" ssh-keygen -r hostname [-f input_keyfile] [-g]\n"
2168	fprintf(stderr, " -H Hash names in known_hosts file.\n");	2171	" ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]\n"
2169	fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n");	2172	" ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]\n"
2170	fprintf(stderr, " -I key_id Key identifier to include in certificate.\n");	2173	" [-j start_line] [-K checkpt] [-W generator]\n"
2171	fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n");	2174	" ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]\n"
2172	fprintf(stderr, " -J number Screen this number of moduli lines.\n");	2175	" [-O option] [-V validity_interval] [-z serial_number] file ...\n"
2173	fprintf(stderr, " -j number Start screening moduli at specified line.\n");	2176	" ssh-keygen -L [-f input_keyfile]\n"
2174	fprintf(stderr, " -K checkpt Write checkpoints to this file.\n");	2177	" ssh-keygen -A\n"
2175	fprintf(stderr, " -k Generate a KRL file.\n");	2178	" ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n"
2176	fprintf(stderr, " -L Print the contents of a certificate.\n");	2179	" file ...\n"
2177	fprintf(stderr, " -l Show fingerprint of key file.\n");	2180	" ssh-keygen -Q -f krl_file file ...\n");
2178	fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");
2179	fprintf(stderr, " -m key_fmt Conversion format for -e/-i (PEM\|PKCS8\|RFC4716).\n");
2180	fprintf(stderr, " -N phrase Provide new passphrase.\n");
2181	fprintf(stderr, " -n name,... User/host principal names to include in certificate\n");
2182	fprintf(stderr, " -O option Specify a certificate option.\n");
2183	fprintf(stderr, " -o Enforce new private key format.\n");
2184	fprintf(stderr, " -P phrase Provide old passphrase.\n");
2185	fprintf(stderr, " -p Change passphrase of private key file.\n");
2186	fprintf(stderr, " -Q Test whether key(s) are revoked in KRL.\n");
2187	fprintf(stderr, " -q Quiet.\n");
2188	fprintf(stderr, " -R hostname Remove host from known_hosts file.\n");
2189	fprintf(stderr, " -r hostname Print DNS resource record.\n");
2190	fprintf(stderr, " -S start Start point (hex) for generating DH-GEX moduli.\n");
2191	fprintf(stderr, " -s ca_key Certify keys with CA key.\n");
2192	fprintf(stderr, " -T file Screen candidates for DH-GEX moduli.\n");
2193	fprintf(stderr, " -t type Specify type of key to create.\n");
2194	fprintf(stderr, " -u Update KRL rather than creating a new one.\n");
2195	fprintf(stderr, " -V from:to Specify certificate validity interval.\n");
2196	fprintf(stderr, " -v Verbose.\n");
2197	fprintf(stderr, " -W gen Generator to use for generating DH-GEX moduli.\n");
2198	fprintf(stderr, " -y Read private key file and print public key.\n");
2199	fprintf(stderr, " -Z cipher Specify a cipher for new private key format.\n");
2200	fprintf(stderr, " -z serial Specify a serial number.\n");
2201
2202	exit(1);	2181	exit(1);
2203	}	2182	}
2204		2183