3 files changed, 48 insertions, 41 deletions
diff --git a/ChangeLog b/ChangeLog
index f8e1d0e2e..c441b2013 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,10 @@
   - djm@cvs.openbsd.org 2010/03/04 23:17:25
     [sshd_config.5]
     missing word; spotted by jmc@
+   - djm@cvs.openbsd.org 2010/03/04 23:19:29
+     [ssh.1 sshd.8]
+     move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
+     format section and rework it a bit; requested by jmc@
 - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
   compilers. OK djm@
diff --git a/ssh.1 b/ssh.1
index 8c53d4b07..b201d87de 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.298 2010/03/04 12:51:25 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.299 2010/03/04 23:19:29 djm Exp $
 .Dd $Mdocdate: March 4 2010 $
 .Dt SSH 1
 .Os
@@ -1104,39 +1104,6 @@ option in
 .Xr ssh_config 5
 for more information.
 .Pp
-Host keys may also be presented as certificates signed by a trusted
-certification authority (CA).
-In this case, trust of the CA key alone is sufficient for the host key
-to be accepted.
-To specify a public key as a trusted CA key in a known hosts file,
-it should be added after a
-.Dq @cert-authority
-tag and a set of one or more domain-name wildcards separated by commas.
-For example:
-.Pp
-.Dl @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
-.Pp
-See the
-.Sx CERTIFICATES
-section of
-.Xr ssh-keygen 1
-for more details.
-.Pp
-Keys may also be marked as revoked using the
-.Dq @revoked
-marker.
-Revoked keys will always trigger a warning when encountered and the host
-that presented them will be treated as untrusted.
-For example:
-.Pp
-.Dl @revoked * ssh-rsa AAAAB5W...
-.Pp
-Revoking a key revokes it for direct use and as a certification authority.
-Do not use both the
-.Dq @cert-authority
-and
-.Dq @revoked
-markers on the same line.
 .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
 .Nm
 contains support for Virtual Private Network (VPN) tunnelling
diff --git a/sshd.8 b/sshd.8
index d31538176..577d19940 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.253 2010/03/03 22:49:50 djm Exp $
+.\" $OpenBSD: sshd.8,v 1.254 2010/03/04 23:19:29 djm Exp $
-.Dd $Mdocdate: March 3 2010 $
+.Dd $Mdocdate: March 4 2010 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -634,10 +634,19 @@ be prepared by the administrator (optional), and the per-user file is
 maintained automatically: whenever the user connects from an unknown host,
 its key is added to the per-user file.
 .Pp
-Each line in these files contains the following fields: hostnames,
+Each line in these files contains the following fields: markers (optional),
-bits, exponent, modulus, comment.
+hostnames, bits, exponent, modulus, comment.
 The fields are separated by spaces.
 .Pp
+The marker is optional, but if it is present then it must be one of
+.Dq @cert-authority ,
+to indicate that the line contains a certification authority (CA) key,
+or
+.Dq @revoked ,
+to indicate that the key contained on the line is revoked and must not ever
+be accepted.
+Only one marker should be used on a key line.
+.Pp
 Hostnames is a comma-separated list of patterns
 .Pf ( Ql *
 and
@@ -677,8 +686,25 @@ Lines starting with
 and empty lines are ignored as comments.
 .Pp
 When performing host authentication, authentication is accepted if any
-matching line has the proper key.
+matching line has the proper key; either one that matches exactly or,
-It is thus permissible (but not
+if the server has presented a certificate for authentication, the key
+of the certification authority that signed the certificate.
+For a key to be trusted as a certification authority, it must use the
+.Dq @cert-authority
+marker described above.
+.Pp
+The known hosts file also provides a facility to mark keys as revoked,
+for example when it is known that the associated private key has been
+stolen.
+Revoked keys are specified by including the
+.Dq @revoked
+marker at the beginning of the key line, and are never accepted for
+authentication or as certification authorities, but instead will
+produce a warning from
+.Xr ssh 1
+when they are encountered.
+.Pp
+It is permissible (but not
 recommended) to have several lines or different host keys for the same
 names.
 This will inevitably happen when short forms of host names
@@ -689,10 +715,16 @@ accepted if valid information can be found from either file.
 .Pp
 Note that the lines in these files are typically hundreds of characters
 long, and you definitely don't want to type in the host keys by hand.
-Rather, generate them by a script
+Rather, generate them by a script,
+.Xr ssh-keyscan 1
 or by taking
 .Pa /etc/ssh/ssh_host_key.pub
 and adding the host names at the front.
+.Xr ssh-keygen 1
+also offers some basic automated editing for 
+.Pa ~/.ssh/known_hosts
+including removing hosts matching a host name and converting all host
+names to their hashed representations.
 .Pp
 An example ssh_known_hosts file:
 .Bd -literal -offset 3n
@@ -702,6 +734,10 @@ cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
 # A hashed hostname
 |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
 AAAA1234.....=
+# A revoked key
+@revoked * ssh-rsa AAAAB5W...
+# A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
+@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
 .Ed
 .Sh FILES
 .Bl -tag -width Ds -compact

diff --git a/ChangeLog b/ChangeLog index f8e1d0e2e..c441b2013 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -12,6 +12,10 @@
12	- djm@cvs.openbsd.org 2010/03/04 23:17:25	12	- djm@cvs.openbsd.org 2010/03/04 23:17:25
13	[sshd_config.5]	13	[sshd_config.5]
14	missing word; spotted by jmc@	14	missing word; spotted by jmc@
		15	- djm@cvs.openbsd.org 2010/03/04 23:19:29
		16	[ssh.1 sshd.8]
		17	move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
		18	format section and rework it a bit; requested by jmc@
15	- (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older	19	- (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
16	compilers. OK djm@	20	compilers. OK djm@
17		21


diff --git a/ssh.1 b/ssh.1 index 8c53d4b07..b201d87de 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.298 2010/03/04 12:51:25 jmc Exp $	37	.\" $OpenBSD: ssh.1,v 1.299 2010/03/04 23:19:29 djm Exp $
38	.Dd $Mdocdate: March 4 2010 $	38	.Dd $Mdocdate: March 4 2010 $
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
@@ -1104,39 +1104,6 @@ option in
1104	.Xr ssh_config 5	1104	.Xr ssh_config 5
1105	for more information.	1105	for more information.
1106	.Pp	1106	.Pp
1107	Host keys may also be presented as certificates signed by a trusted
1108	certification authority (CA).
1109	In this case, trust of the CA key alone is sufficient for the host key
1110	to be accepted.
1111	To specify a public key as a trusted CA key in a known hosts file,
1112	it should be added after a
1113	.Dq @cert-authority
1114	tag and a set of one or more domain-name wildcards separated by commas.
1115	For example:
1116	.Pp
1117	.Dl @cert-authority .mydomain.org,.mydomain.com ssh-rsa AAAAB5W...
1118	.Pp
1119	See the
1120	.Sx CERTIFICATES
1121	section of
1122	.Xr ssh-keygen 1
1123	for more details.
1124	.Pp
1125	Keys may also be marked as revoked using the
1126	.Dq @revoked
1127	marker.
1128	Revoked keys will always trigger a warning when encountered and the host
1129	that presented them will be treated as untrusted.
1130	For example:
1131	.Pp
1132	.Dl @revoked * ssh-rsa AAAAB5W...
1133	.Pp
1134	Revoking a key revokes it for direct use and as a certification authority.
1135	Do not use both the
1136	.Dq @cert-authority
1137	and
1138	.Dq @revoked
1139	markers on the same line.
1140	.Sh SSH-BASED VIRTUAL PRIVATE NETWORKS	1107	.Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
1141	.Nm	1108	.Nm
1142	contains support for Virtual Private Network (VPN) tunnelling	1109	contains support for Virtual Private Network (VPN) tunnelling


diff --git a/sshd.8 b/sshd.8 index d31538176..577d19940 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,8 +34,8 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.253 2010/03/03 22:49:50 djm Exp $	37	.\" $OpenBSD: sshd.8,v 1.254 2010/03/04 23:19:29 djm Exp $
38	.Dd $Mdocdate: March 3 2010 $	38	.Dd $Mdocdate: March 4 2010 $
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -634,10 +634,19 @@ be prepared by the administrator (optional), and the per-user file is
634	maintained automatically: whenever the user connects from an unknown host,	634	maintained automatically: whenever the user connects from an unknown host,
635	its key is added to the per-user file.	635	its key is added to the per-user file.
636	.Pp	636	.Pp
637	Each line in these files contains the following fields: hostnames,	637	Each line in these files contains the following fields: markers (optional),
638	bits, exponent, modulus, comment.	638	hostnames, bits, exponent, modulus, comment.
639	The fields are separated by spaces.	639	The fields are separated by spaces.
640	.Pp	640	.Pp
		641	The marker is optional, but if it is present then it must be one of
		642	.Dq @cert-authority ,
		643	to indicate that the line contains a certification authority (CA) key,
		644	or
		645	.Dq @revoked ,
		646	to indicate that the key contained on the line is revoked and must not ever
		647	be accepted.
		648	Only one marker should be used on a key line.
		649	.Pp
641	Hostnames is a comma-separated list of patterns	650	Hostnames is a comma-separated list of patterns
642	.Pf ( Ql *	651	.Pf ( Ql *
643	and	652	and
@@ -677,8 +686,25 @@ Lines starting with
677	and empty lines are ignored as comments.	686	and empty lines are ignored as comments.
678	.Pp	687	.Pp
679	When performing host authentication, authentication is accepted if any	688	When performing host authentication, authentication is accepted if any
680	matching line has the proper key.	689	matching line has the proper key; either one that matches exactly or,
681	It is thus permissible (but not	690	if the server has presented a certificate for authentication, the key
		691	of the certification authority that signed the certificate.
		692	For a key to be trusted as a certification authority, it must use the
		693	.Dq @cert-authority
		694	marker described above.
		695	.Pp
		696	The known hosts file also provides a facility to mark keys as revoked,
		697	for example when it is known that the associated private key has been
		698	stolen.
		699	Revoked keys are specified by including the
		700	.Dq @revoked
		701	marker at the beginning of the key line, and are never accepted for
		702	authentication or as certification authorities, but instead will
		703	produce a warning from
		704	.Xr ssh 1
		705	when they are encountered.
		706	.Pp
		707	It is permissible (but not
682	recommended) to have several lines or different host keys for the same	708	recommended) to have several lines or different host keys for the same
683	names.	709	names.
684	This will inevitably happen when short forms of host names	710	This will inevitably happen when short forms of host names
@@ -689,10 +715,16 @@ accepted if valid information can be found from either file.
689	.Pp	715	.Pp
690	Note that the lines in these files are typically hundreds of characters	716	Note that the lines in these files are typically hundreds of characters
691	long, and you definitely don't want to type in the host keys by hand.	717	long, and you definitely don't want to type in the host keys by hand.
692	Rather, generate them by a script	718	Rather, generate them by a script,
		719	.Xr ssh-keyscan 1
693	or by taking	720	or by taking
694	.Pa /etc/ssh/ssh_host_key.pub	721	.Pa /etc/ssh/ssh_host_key.pub
695	and adding the host names at the front.	722	and adding the host names at the front.
		723	.Xr ssh-keygen 1
		724	also offers some basic automated editing for
		725	.Pa ~/.ssh/known_hosts
		726	including removing hosts matching a host name and converting all host
		727	names to their hashed representations.
696	.Pp	728	.Pp
697	An example ssh_known_hosts file:	729	An example ssh_known_hosts file:
698	.Bd -literal -offset 3n	730	.Bd -literal -offset 3n
@@ -702,6 +734,10 @@ cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
702	# A hashed hostname	734	# A hashed hostname
703	\|1\|JfKTdBh7rNbXkVAQCRp4OQoPfmI=\|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa	735	\|1\|JfKTdBh7rNbXkVAQCRp4OQoPfmI=\|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
704	AAAA1234.....=	736	AAAA1234.....=
		737	# A revoked key
		738	@revoked * ssh-rsa AAAAB5W...
		739	# A CA key, accepted for any host in .mydomain.com or .mydomain.org
		740	@cert-authority .mydomain.org,.mydomain.com ssh-rsa AAAAB5W...
705	.Ed	741	.Ed
706	.Sh FILES	742	.Sh FILES
707	.Bl -tag -width Ds -compact	743	.Bl -tag -width Ds -compact