summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--ssh-keygen.111
-rw-r--r--ssh.111
3 files changed, 21 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 01bcf22e6..53506beb8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@
12 - djm@cvs.openbsd.org 2004/08/12 09:18:24 12 - djm@cvs.openbsd.org 2004/08/12 09:18:24
13 [sshlogin.c] 13 [sshlogin.c]
14 typo in error message, spotted by moritz AT jodeit.org (Id sync only) 14 typo in error message, spotted by moritz AT jodeit.org (Id sync only)
15 - jakob@cvs.openbsd.org 2004/08/12 21:41:13
16 [ssh-keygen.1 ssh.1]
17 improve SSHFP documentation; ok deraadt@
15 18
1620040812 1920040812
17 - (dtucker) [sshd.c] Remove duplicate variable imported during sync. 20 - (dtucker) [sshd.c] Remove duplicate variable imported during sync.
@@ -1609,4 +1612,4 @@
1609 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 1612 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
1610 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 1613 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
1611 1614
1612$Id: ChangeLog,v 1.3501 2004/08/13 11:21:47 dtucker Exp $ 1615$Id: ChangeLog,v 1.3502 2004/08/13 11:22:40 dtucker Exp $
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 6dd615428..824b6e09c 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keygen.1,v 1.61 2003/12/22 09:16:58 djm Exp $ 1.\" $OpenBSD: ssh-keygen.1,v 1.62 2004/08/12 21:41:13 jakob Exp $
2.\" 2.\"
3.\" -*- nroff -*- 3.\" -*- nroff -*-
4.\" 4.\"
@@ -192,7 +192,9 @@ to stdout.
192This option allows exporting keys for use by several commercial 192This option allows exporting keys for use by several commercial
193SSH implementations. 193SSH implementations.
194.It Fl g 194.It Fl g
195Use generic DNS resource record format. 195Use generic DNS format when printing fingerprint resource records using the
196.Fl r
197command.
196.It Fl f Ar filename 198.It Fl f Ar filename
197Specifies the filename of the key file. 199Specifies the filename of the key file.
198.It Fl i 200.It Fl i
@@ -276,8 +278,9 @@ Multiple
276options increase the verbosity. 278options increase the verbosity.
277The maximum is 3. 279The maximum is 3.
278.It Fl r Ar hostname 280.It Fl r Ar hostname
279Print DNS resource record with the specified 281Print the SSHFP fingerprint resource record named
280.Ar hostname . 282.Ar hostname
283for the specified public key file.
281.El 284.El
282.Sh MODULI GENERATION 285.Sh MODULI GENERATION
283.Nm 286.Nm
diff --git a/ssh.1 b/ssh.1
index faaf20587..0ff77ea29 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.193 2004/06/26 09:03:21 jmc Exp $ 37.\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
@@ -400,6 +400,15 @@ The
400option can be used to prevent logins to machines whose 400option can be used to prevent logins to machines whose
401host key is not known or has changed. 401host key is not known or has changed.
402.Pp 402.Pp
403.Nm
404can be configured to verify host identification using fingerprint resource
405records (SSHFP) published in DNS.
406The
407.Cm VerifyHostKeyDNS
408option can be used to control how DNS lookups are performed.
409SSHFP resource records can be generated using
410.Xr ssh-keygen 1 .
411.Pp
403The options are as follows: 412The options are as follows:
404.Bl -tag -width Ds 413.Bl -tag -width Ds
405.It Fl 1 414.It Fl 1
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 03:00:49 +0000