diff options
-rw-r--r-- | sftp.1 | 8 | ||||
-rw-r--r-- | ssh-add.1 | 9 | ||||
-rw-r--r-- | ssh-keygen.1 | 37 | ||||
-rw-r--r-- | ssh.1 | 6 |
4 files changed, 13 insertions, 47 deletions
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: sftp.1,v 1.108 2017/05/02 14:06:37 jmc Exp $ | 1 | .\" $OpenBSD: sftp.1,v 1.109 2017/05/03 06:32:02 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. | 3 | .\" Copyright (c) 2001 Damien Miller. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -22,7 +22,7 @@ | |||
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
24 | .\" | 24 | .\" |
25 | .Dd $Mdocdate: May 2 2017 $ | 25 | .Dd $Mdocdate: May 3 2017 $ |
26 | .Dt SFTP 1 | 26 | .Dt SFTP 1 |
27 | .Os | 27 | .Os |
28 | .Sh NAME | 28 | .Sh NAME |
@@ -273,9 +273,7 @@ options. | |||
273 | .It Fl s Ar subsystem | sftp_server | 273 | .It Fl s Ar subsystem | sftp_server |
274 | Specifies the SSH2 subsystem or the path for an sftp server | 274 | Specifies the SSH2 subsystem or the path for an sftp server |
275 | on the remote host. | 275 | on the remote host. |
276 | A path is useful for using | 276 | A path is useful when the remote |
277 | .Nm | ||
278 | over protocol version 1, or when the remote | ||
279 | .Xr sshd 8 | 277 | .Xr sshd 8 |
280 | does not have an sftp subsystem configured. | 278 | does not have an sftp subsystem configured. |
281 | .It Fl v | 279 | .It Fl v |
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-add.1,v 1.62 2015/03/30 18:28:37 jmc Exp $ | 1 | .\" $OpenBSD: ssh-add.1,v 1.63 2017/05/03 06:32:02 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: March 30 2015 $ | 38 | .Dd $Mdocdate: May 3 2017 $ |
39 | .Dt SSH-ADD 1 | 39 | .Dt SSH-ADD 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -59,9 +59,8 @@ When run without arguments, it adds the files | |||
59 | .Pa ~/.ssh/id_rsa , | 59 | .Pa ~/.ssh/id_rsa , |
60 | .Pa ~/.ssh/id_dsa , | 60 | .Pa ~/.ssh/id_dsa , |
61 | .Pa ~/.ssh/id_ecdsa , | 61 | .Pa ~/.ssh/id_ecdsa , |
62 | .Pa ~/.ssh/id_ed25519 | ||
63 | and | 62 | and |
64 | .Pa ~/.ssh/identity . | 63 | .Pa ~/.ssh/id_ed25519 . |
65 | After loading a private key, | 64 | After loading a private key, |
66 | .Nm | 65 | .Nm |
67 | will try to load corresponding certificate information from the | 66 | will try to load corresponding certificate information from the |
@@ -174,8 +173,6 @@ socket used to communicate with the agent. | |||
174 | .El | 173 | .El |
175 | .Sh FILES | 174 | .Sh FILES |
176 | .Bl -tag -width Ds | 175 | .Bl -tag -width Ds |
177 | .It Pa ~/.ssh/identity | ||
178 | Contains the protocol version 1 RSA authentication identity of the user. | ||
179 | .It Pa ~/.ssh/id_dsa | 176 | .It Pa ~/.ssh/id_dsa |
180 | Contains the protocol version 2 DSA authentication identity of the user. | 177 | Contains the protocol version 2 DSA authentication identity of the user. |
181 | .It Pa ~/.ssh/id_ecdsa | 178 | .It Pa ~/.ssh/id_ecdsa |
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 624995617..d8ae3fada 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.139 2017/05/02 17:04:09 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.140 2017/05/03 06:32:02 jmc Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: May 2 2017 $ | 38 | .Dd $Mdocdate: May 3 2017 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -141,11 +141,7 @@ | |||
141 | generates, manages and converts authentication keys for | 141 | generates, manages and converts authentication keys for |
142 | .Xr ssh 1 . | 142 | .Xr ssh 1 . |
143 | .Nm | 143 | .Nm |
144 | can create keys for use by SSH protocol versions 1 and 2. | 144 | can create keys for use by SSH protocol version 2. |
145 | Protocol 1 should not be used | ||
146 | and is only offered to support legacy devices. | ||
147 | It suffers from a number of cryptographic weaknesses | ||
148 | and doesn't support many of the advanced features available for protocol 2. | ||
149 | .Pp | 145 | .Pp |
150 | The type of key to be generated is specified with the | 146 | The type of key to be generated is specified with the |
151 | .Fl t | 147 | .Fl t |
@@ -172,7 +168,6 @@ section for details. | |||
172 | Normally each user wishing to use SSH | 168 | Normally each user wishing to use SSH |
173 | with public key authentication runs this once to create the authentication | 169 | with public key authentication runs this once to create the authentication |
174 | key in | 170 | key in |
175 | .Pa ~/.ssh/identity , | ||
176 | .Pa ~/.ssh/id_dsa , | 171 | .Pa ~/.ssh/id_dsa , |
177 | .Pa ~/.ssh/id_ecdsa , | 172 | .Pa ~/.ssh/id_ecdsa , |
178 | .Pa ~/.ssh/id_ed25519 | 173 | .Pa ~/.ssh/id_ed25519 |
@@ -231,16 +226,14 @@ This is used by | |||
231 | .Pa /etc/rc | 226 | .Pa /etc/rc |
232 | to generate new host keys. | 227 | to generate new host keys. |
233 | .It Fl a Ar rounds | 228 | .It Fl a Ar rounds |
234 | When saving a new-format private key (i.e. an ed25519 key or any SSH protocol | 229 | When saving a new-format private key (i.e. an ed25519 key or when the |
235 | 2 key when the | ||
236 | .Fl o | 230 | .Fl o |
237 | flag is set), this option specifies the number of KDF (key derivation function) | 231 | flag is set), this option specifies the number of KDF (key derivation function) |
238 | rounds used. | 232 | rounds used. |
239 | Higher numbers result in slower passphrase verification and increased | 233 | Higher numbers result in slower passphrase verification and increased |
240 | resistance to brute-force password cracking (should the keys be stolen). | 234 | resistance to brute-force password cracking (should the keys be stolen). |
241 | .Pp | 235 | .Pp |
242 | When screening DH-GEX candidates ( | 236 | When screening DH-GEX candidates (using the |
243 | using the | ||
244 | .Fl T | 237 | .Fl T |
245 | command). | 238 | command). |
246 | This option specifies the number of primality tests to perform. | 239 | This option specifies the number of primality tests to perform. |
@@ -819,26 +812,6 @@ will exit with a non-zero exit status. | |||
819 | A zero exit status will only be returned if no key was revoked. | 812 | A zero exit status will only be returned if no key was revoked. |
820 | .Sh FILES | 813 | .Sh FILES |
821 | .Bl -tag -width Ds -compact | 814 | .Bl -tag -width Ds -compact |
822 | .It Pa ~/.ssh/identity | ||
823 | Contains the protocol version 1 RSA authentication identity of the user. | ||
824 | This file should not be readable by anyone but the user. | ||
825 | It is possible to | ||
826 | specify a passphrase when generating the key; that passphrase will be | ||
827 | used to encrypt the private part of this file using 3DES. | ||
828 | This file is not automatically accessed by | ||
829 | .Nm | ||
830 | but it is offered as the default file for the private key. | ||
831 | .Xr ssh 1 | ||
832 | will read this file when a login attempt is made. | ||
833 | .Pp | ||
834 | .It Pa ~/.ssh/identity.pub | ||
835 | Contains the protocol version 1 RSA public key for authentication. | ||
836 | The contents of this file should be added to | ||
837 | .Pa ~/.ssh/authorized_keys | ||
838 | on all machines | ||
839 | where the user wishes to log in using RSA authentication. | ||
840 | There is no need to keep the contents of this file secret. | ||
841 | .Pp | ||
842 | .It Pa ~/.ssh/id_dsa | 815 | .It Pa ~/.ssh/id_dsa |
843 | .It Pa ~/.ssh/id_ecdsa | 816 | .It Pa ~/.ssh/id_ecdsa |
844 | .It Pa ~/.ssh/id_ed25519 | 817 | .It Pa ~/.ssh/id_ed25519 |
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh.1,v 1.378 2017/05/02 13:44:51 jmc Exp $ | 36 | .\" $OpenBSD: ssh.1,v 1.379 2017/05/03 06:32:02 jmc Exp $ |
37 | .Dd $Mdocdate: May 2 2017 $ | 37 | .Dd $Mdocdate: May 3 2017 $ |
38 | .Dt SSH 1 | 38 | .Dt SSH 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1441,7 +1441,6 @@ Contains additional definitions for environment variables; see | |||
1441 | .Sx ENVIRONMENT , | 1441 | .Sx ENVIRONMENT , |
1442 | above. | 1442 | above. |
1443 | .Pp | 1443 | .Pp |
1444 | .It Pa ~/.ssh/identity | ||
1445 | .It Pa ~/.ssh/id_dsa | 1444 | .It Pa ~/.ssh/id_dsa |
1446 | .It Pa ~/.ssh/id_ecdsa | 1445 | .It Pa ~/.ssh/id_ecdsa |
1447 | .It Pa ~/.ssh/id_ed25519 | 1446 | .It Pa ~/.ssh/id_ed25519 |
@@ -1456,7 +1455,6 @@ It is possible to specify a passphrase when | |||
1456 | generating the key which will be used to encrypt the | 1455 | generating the key which will be used to encrypt the |
1457 | sensitive part of this file using 3DES. | 1456 | sensitive part of this file using 3DES. |
1458 | .Pp | 1457 | .Pp |
1459 | .It Pa ~/.ssh/identity.pub | ||
1460 | .It Pa ~/.ssh/id_dsa.pub | 1458 | .It Pa ~/.ssh/id_dsa.pub |
1461 | .It Pa ~/.ssh/id_ecdsa.pub | 1459 | .It Pa ~/.ssh/id_ecdsa.pub |
1462 | .It Pa ~/.ssh/id_ed25519.pub | 1460 | .It Pa ~/.ssh/id_ed25519.pub |