1 files changed, 8 insertions, 80 deletions
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 2db957554..515d9f94c 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -15,18 +15,12 @@ SYNOPSIS
     ssh-keygen -B [-f input_keyfile]
     ssh-keygen -D reader
     ssh-keygen -U reader [-f input_keyfile]
-     ssh-keygen -r hostname [-f input_keyfile] [-g]
-     ssh-keygen -G output_file [-b bits] [-M memory] [-S start_point]
-     ssh-keygen -T output_file -f input_file [-a num_trials] [-W generator]
 DESCRIPTION
     ssh-keygen generates, manages and converts authentication keys for
     ssh(1).  ssh-keygen can create RSA keys for use by SSH protocol version 1
-     and RSA or DSA keys for use by SSH protocol version 2.  The type of key
+     and RSA or DSA keys for use by SSH protocol version 2. The type of key to
-     to be generated is specified with the -t option.
+     be generated is specified with the -t option.
-     ssh-keygen is also used to generate groups for use in Diffie-Hellman
-     group exchange (DH-GEX).  See the MODULI GENERATION section for details.
     Normally each user wishing to use SSH with RSA or DSA authentication runs
     this once to create the authentication key in $HOME/.ssh/identity,
@@ -62,10 +56,6 @@ DESCRIPTION
     The options are as follows:
-     -a trials
-             Specifies the number of primality tests to perform when screening
-             DH-GEX candidates using the -T command.
     -b bits
             Specifies the number of bits in the key to create.  Minimum is
             512 bits.  Generally, 1024 bits is considered sufficient.  The
@@ -81,8 +71,6 @@ DESCRIPTION
             This option allows exporting keys for use by several commercial
             SSH implementations.
-     -g      Use generic DNS resource record format.
     -f filename
             Specifies the filename of the key file.
@@ -120,71 +108,15 @@ DESCRIPTION
     -D reader
             Download the RSA public key stored in the smartcard in reader.
-     -G output_file
-             Generate candidate primes for DH-GEX.  These primes must be
-             screened for safety (using the -T option) before use.
-     -M memory
-             Specify the amount of memory to use (in megabytes) when generat-
-             ing candidate moduli for DH-GEX.
     -N new_passphrase
             Provides the new passphrase.
     -P passphrase
             Provides the (old) passphrase.
-     -S start
-             Specify start point (in hex) when generating candidate moduli for
-             DH-GEX.
-     -T output_file
-             Test DH group exchange candidate primes (generated using the -G
-             option) for safety.
-     -W generator
-             Specify desired generator when testing candidate moduli for DH-
-             GEX.
     -U reader
             Upload an existing RSA private key into the smartcard in reader.
-     -r hostname
-             Print DNS resource record with the specified hostname.
-MODULI GENERATION
-     ssh-keygen may be used to generate groups for the Diffie-Hellman Group
-     Exchange (DH-GEX) protocol.  Generating these groups is a two-step pro-
-     cess: first, candidate primes are generated using a fast, but memory
-     intensive process.  These candidate primes are then tested for suitabil-
-     ity (a CPU-intensive process).
-     Generation of primes is performed using the -G option.  The desired
-     length of the primes may be specified by the -b option.  For example:
-           ssh-keygen -G moduli-2048.candidates -b 2048
-     By default, the search for primes begins at a random point in the desired
-     length range.  This may be overridden using the -S option, which speci-
-     fies a different start point (in hex).
-     Once a set of candidates have been generated, they must be tested for
-     suitability.  This may be performed using the -T option.  In this mode
-     ssh-keygen will read candidates from standard input (or a file specified
-     using the -f option).  For example:
-           ssh-keygen -T moduli-2048 -f moduli-2048.candidates
-     By default, each candidate will be subjected to 100 primality tests.
-     This may be overridden using the -a option.  The DH generator value will
-     be chosen automatically for the prime under consideration.  If a specific
-     generator is desired, it may be requested using the -W option.  Valid
-     generator values are 2, 3 and 5.
-     Screened DH groups may be installed in /etc/moduli.  It is important that
-     this file contains moduli of a range of bit lengths and that both ends of
-     a connection share common moduli.
 FILES
     $HOME/.ssh/identity
             Contains the protocol version 1 RSA authentication identity of
@@ -234,16 +166,6 @@ FILES
             to log in using public key authentication.  There is no need to
             keep the contents of this file secret.
-     /etc/moduli
-             Contains Diffie-Hellman groups used for DH-GEX.  The file format
-             is described in moduli(5).
-SEE ALSO
-     ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)
-     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
-     secsh-publickeyfile-01.txt, March 2001, work in progress material.
 AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
@@ -251,4 +173,10 @@ AUTHORS
     ated OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.
+SEE ALSO
+     ssh(1), ssh-add(1), ssh-agent(1), sshd(8)
+     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
+     secsh-publickeyfile-01.txt, March 2001, work in progress material.
 BSD                           September 25, 1999                           BSD

diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 2db957554..515d9f94c 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0
@@ -15,18 +15,12 @@ SYNOPSIS
15	ssh-keygen -B [-f input_keyfile]	15	ssh-keygen -B [-f input_keyfile]
16	ssh-keygen -D reader	16	ssh-keygen -D reader
17	ssh-keygen -U reader [-f input_keyfile]	17	ssh-keygen -U reader [-f input_keyfile]
18	ssh-keygen -r hostname [-f input_keyfile] [-g]
19	ssh-keygen -G output_file [-b bits] [-M memory] [-S start_point]
20	ssh-keygen -T output_file -f input_file [-a num_trials] [-W generator]
21		18
22	DESCRIPTION	19	DESCRIPTION
23	ssh-keygen generates, manages and converts authentication keys for	20	ssh-keygen generates, manages and converts authentication keys for
24	ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1	21	ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1
25	and RSA or DSA keys for use by SSH protocol version 2. The type of key	22	and RSA or DSA keys for use by SSH protocol version 2. The type of key to
26	to be generated is specified with the -t option.	23	be generated is specified with the -t option.
27
28	ssh-keygen is also used to generate groups for use in Diffie-Hellman
29	group exchange (DH-GEX). See the MODULI GENERATION section for details.
30		24
31	Normally each user wishing to use SSH with RSA or DSA authentication runs	25	Normally each user wishing to use SSH with RSA or DSA authentication runs
32	this once to create the authentication key in $HOME/.ssh/identity,	26	this once to create the authentication key in $HOME/.ssh/identity,
@@ -62,10 +56,6 @@ DESCRIPTION
62		56
63	The options are as follows:	57	The options are as follows:
64		58
65	-a trials
66	Specifies the number of primality tests to perform when screening
67	DH-GEX candidates using the -T command.
68
69	-b bits	59	-b bits
70	Specifies the number of bits in the key to create. Minimum is	60	Specifies the number of bits in the key to create. Minimum is
71	512 bits. Generally, 1024 bits is considered sufficient. The	61	512 bits. Generally, 1024 bits is considered sufficient. The
@@ -81,8 +71,6 @@ DESCRIPTION
81	This option allows exporting keys for use by several commercial	71	This option allows exporting keys for use by several commercial
82	SSH implementations.	72	SSH implementations.
83		73
84	-g Use generic DNS resource record format.
85
86	-f filename	74	-f filename
87	Specifies the filename of the key file.	75	Specifies the filename of the key file.
88		76
@@ -120,71 +108,15 @@ DESCRIPTION
120	-D reader	108	-D reader
121	Download the RSA public key stored in the smartcard in reader.	109	Download the RSA public key stored in the smartcard in reader.
122		110
123	-G output_file
124	Generate candidate primes for DH-GEX. These primes must be
125	screened for safety (using the -T option) before use.
126
127	-M memory
128	Specify the amount of memory to use (in megabytes) when generat-
129	ing candidate moduli for DH-GEX.
130
131	-N new_passphrase	111	-N new_passphrase
132	Provides the new passphrase.	112	Provides the new passphrase.
133		113
134	-P passphrase	114	-P passphrase
135	Provides the (old) passphrase.	115	Provides the (old) passphrase.
136		116
137	-S start
138	Specify start point (in hex) when generating candidate moduli for
139	DH-GEX.
140
141	-T output_file
142	Test DH group exchange candidate primes (generated using the -G
143	option) for safety.
144
145	-W generator
146	Specify desired generator when testing candidate moduli for DH-
147	GEX.
148
149	-U reader	117	-U reader
150	Upload an existing RSA private key into the smartcard in reader.	118	Upload an existing RSA private key into the smartcard in reader.
151		119
152	-r hostname
153	Print DNS resource record with the specified hostname.
154
155	MODULI GENERATION
156	ssh-keygen may be used to generate groups for the Diffie-Hellman Group
157	Exchange (DH-GEX) protocol. Generating these groups is a two-step pro-
158	cess: first, candidate primes are generated using a fast, but memory
159	intensive process. These candidate primes are then tested for suitabil-
160	ity (a CPU-intensive process).
161
162	Generation of primes is performed using the -G option. The desired
163	length of the primes may be specified by the -b option. For example:
164
165	ssh-keygen -G moduli-2048.candidates -b 2048
166
167	By default, the search for primes begins at a random point in the desired
168	length range. This may be overridden using the -S option, which speci-
169	fies a different start point (in hex).
170
171	Once a set of candidates have been generated, they must be tested for
172	suitability. This may be performed using the -T option. In this mode
173	ssh-keygen will read candidates from standard input (or a file specified
174	using the -f option). For example:
175
176	ssh-keygen -T moduli-2048 -f moduli-2048.candidates
177
178	By default, each candidate will be subjected to 100 primality tests.
179	This may be overridden using the -a option. The DH generator value will
180	be chosen automatically for the prime under consideration. If a specific
181	generator is desired, it may be requested using the -W option. Valid
182	generator values are 2, 3 and 5.
183
184	Screened DH groups may be installed in /etc/moduli. It is important that
185	this file contains moduli of a range of bit lengths and that both ends of
186	a connection share common moduli.
187
188	FILES	120	FILES
189	$HOME/.ssh/identity	121	$HOME/.ssh/identity
190	Contains the protocol version 1 RSA authentication identity of	122	Contains the protocol version 1 RSA authentication identity of
@@ -234,16 +166,6 @@ FILES
234	to log in using public key authentication. There is no need to	166	to log in using public key authentication. There is no need to
235	keep the contents of this file secret.	167	keep the contents of this file secret.
236		168
237	/etc/moduli
238	Contains Diffie-Hellman groups used for DH-GEX. The file format
239	is described in moduli(5).
240
241	SEE ALSO
242	ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)
243
244	J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
245	secsh-publickeyfile-01.txt, March 2001, work in progress material.
246
247	AUTHORS	169	AUTHORS
248	OpenSSH is a derivative of the original and free ssh 1.2.12 release by	170	OpenSSH is a derivative of the original and free ssh 1.2.12 release by
249	Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo	171	Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
@@ -251,4 +173,10 @@ AUTHORS
251	ated OpenSSH. Markus Friedl contributed the support for SSH protocol	173	ated OpenSSH. Markus Friedl contributed the support for SSH protocol
252	versions 1.5 and 2.0.	174	versions 1.5 and 2.0.
253		175
		176	SEE ALSO
		177	ssh(1), ssh-add(1), ssh-agent(1), sshd(8)
		178
		179	J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
		180	secsh-publickeyfile-01.txt, March 2001, work in progress material.
		181
254	BSD September 25, 1999 BSD	182	BSD September 25, 1999 BSD