diff options
Diffstat (limited to 'ssh-keygen.0')
-rw-r--r-- | ssh-keygen.0 | 55 |
1 files changed, 28 insertions, 27 deletions
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index 998b6f1e0..de651e9c4 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -33,9 +33,9 @@ DESCRIPTION | |||
33 | group exchange (DH-GEX). See the MODULI GENERATION section for details. | 33 | group exchange (DH-GEX). See the MODULI GENERATION section for details. |
34 | 34 | ||
35 | Normally each user wishing to use SSH with RSA or DSA authentication runs | 35 | Normally each user wishing to use SSH with RSA or DSA authentication runs |
36 | this once to create the authentication key in $HOME/.ssh/identity, | 36 | this once to create the authentication key in ~/.ssh/identity, |
37 | $HOME/.ssh/id_dsa or $HOME/.ssh/id_rsa. Additionally, the system admin- | 37 | ~/.ssh/id_dsa or ~/.ssh/id_rsa. Additionally, the system administrator |
38 | istrator may use this to generate host keys, as seen in /etc/rc. | 38 | may use this to generate host keys, as seen in /etc/rc. |
39 | 39 | ||
40 | Normally this program generates the key and asks for a file in which to | 40 | Normally this program generates the key and asks for a file in which to |
41 | store the private key. The public key is stored in a file with the same | 41 | store the private key. The public key is stored in a file with the same |
@@ -75,8 +75,8 @@ DESCRIPTION | |||
75 | 75 | ||
76 | -b bits | 76 | -b bits |
77 | Specifies the number of bits in the key to create. Minimum is | 77 | Specifies the number of bits in the key to create. Minimum is |
78 | 512 bits. Generally, 1024 bits is considered sufficient. The | 78 | 512 bits. Generally, 2048 bits is considered sufficient. The |
79 | default is 1024 bits. | 79 | default is 2048 bits. |
80 | 80 | ||
81 | -C comment | 81 | -C comment |
82 | Provides a new comment. | 82 | Provides a new comment. |
@@ -110,13 +110,14 @@ DESCRIPTION | |||
110 | -g Use generic DNS format when printing fingerprint resource records | 110 | -g Use generic DNS format when printing fingerprint resource records |
111 | using the -r command. | 111 | using the -r command. |
112 | 112 | ||
113 | -H Hash a known_hosts file, printing the result to standard output. | 113 | -H Hash a known_hosts file. This replaces all hostnames and ad- |
114 | This replaces all hostnames and addresses with hashed representa- | 114 | dresses with hashed representations within the specified file; |
115 | tions. These hashes may be used normally by ssh and sshd, but | 115 | the original content is moved to a file with a .old suffix. |
116 | they do not reveal identifying information should the file's con- | 116 | These hashes may be used normally by ssh and sshd, but they do |
117 | tents be disclosed. This option will not modify existing hashed | 117 | not reveal identifying information should the file's contents be |
118 | hostnames and is therefore safe to use on files that mix hashed | 118 | disclosed. This option will not modify existing hashed hostnames |
119 | and non-hashed names. | 119 | and is therefore safe to use on files that mix hashed and non- |
120 | hashed names. | ||
120 | 121 | ||
121 | -i This option will read an unencrypted private (or public) key file | 122 | -i This option will read an unencrypted private (or public) key file |
122 | in SSH2-compatible format and print an OpenSSH compatible private | 123 | in SSH2-compatible format and print an OpenSSH compatible private |
@@ -216,7 +217,7 @@ MODULI GENERATION | |||
216 | a connection share common moduli. | 217 | a connection share common moduli. |
217 | 218 | ||
218 | FILES | 219 | FILES |
219 | $HOME/.ssh/identity | 220 | ~/.ssh/identity |
220 | Contains the protocol version 1 RSA authentication identity of | 221 | Contains the protocol version 1 RSA authentication identity of |
221 | the user. This file should not be readable by anyone but the us- | 222 | the user. This file should not be readable by anyone but the us- |
222 | er. It is possible to specify a passphrase when generating the | 223 | er. It is possible to specify a passphrase when generating the |
@@ -225,14 +226,14 @@ FILES | |||
225 | ssh-keygen but it is offered as the default file for the private | 226 | ssh-keygen but it is offered as the default file for the private |
226 | key. ssh(1) will read this file when a login attempt is made. | 227 | key. ssh(1) will read this file when a login attempt is made. |
227 | 228 | ||
228 | $HOME/.ssh/identity.pub | 229 | ~/.ssh/identity.pub |
229 | Contains the protocol version 1 RSA public key for authentica- | 230 | Contains the protocol version 1 RSA public key for authentica- |
230 | tion. The contents of this file should be added to | 231 | tion. The contents of this file should be added to |
231 | $HOME/.ssh/authorized_keys on all machines where the user wishes | 232 | ~/.ssh/authorized_keys on all machines where the user wishes to |
232 | to log in using RSA authentication. There is no need to keep the | 233 | log in using RSA authentication. There is no need to keep the |
233 | contents of this file secret. | 234 | contents of this file secret. |
234 | 235 | ||
235 | $HOME/.ssh/id_dsa | 236 | ~/.ssh/id_dsa |
236 | Contains the protocol version 2 DSA authentication identity of | 237 | Contains the protocol version 2 DSA authentication identity of |
237 | the user. This file should not be readable by anyone but the us- | 238 | the user. This file should not be readable by anyone but the us- |
238 | er. It is possible to specify a passphrase when generating the | 239 | er. It is possible to specify a passphrase when generating the |
@@ -241,14 +242,14 @@ FILES | |||
241 | ssh-keygen but it is offered as the default file for the private | 242 | ssh-keygen but it is offered as the default file for the private |
242 | key. ssh(1) will read this file when a login attempt is made. | 243 | key. ssh(1) will read this file when a login attempt is made. |
243 | 244 | ||
244 | $HOME/.ssh/id_dsa.pub | 245 | ~/.ssh/id_dsa.pub |
245 | Contains the protocol version 2 DSA public key for authentica- | 246 | Contains the protocol version 2 DSA public key for authentica- |
246 | tion. The contents of this file should be added to | 247 | tion. The contents of this file should be added to |
247 | $HOME/.ssh/authorized_keys on all machines where the user wishes | 248 | ~/.ssh/authorized_keys on all machines where the user wishes to |
248 | to log in using public key authentication. There is no need to | 249 | log in using public key authentication. There is no need to keep |
249 | keep the contents of this file secret. | 250 | the contents of this file secret. |
250 | 251 | ||
251 | $HOME/.ssh/id_rsa | 252 | ~/.ssh/id_rsa |
252 | Contains the protocol version 2 RSA authentication identity of | 253 | Contains the protocol version 2 RSA authentication identity of |
253 | the user. This file should not be readable by anyone but the us- | 254 | the user. This file should not be readable by anyone but the us- |
254 | er. It is possible to specify a passphrase when generating the | 255 | er. It is possible to specify a passphrase when generating the |
@@ -257,12 +258,12 @@ FILES | |||
257 | ssh-keygen but it is offered as the default file for the private | 258 | ssh-keygen but it is offered as the default file for the private |
258 | key. ssh(1) will read this file when a login attempt is made. | 259 | key. ssh(1) will read this file when a login attempt is made. |
259 | 260 | ||
260 | $HOME/.ssh/id_rsa.pub | 261 | ~/.ssh/id_rsa.pub |
261 | Contains the protocol version 2 RSA public key for authentica- | 262 | Contains the protocol version 2 RSA public key for authentica- |
262 | tion. The contents of this file should be added to | 263 | tion. The contents of this file should be added to |
263 | $HOME/.ssh/authorized_keys on all machines where the user wishes | 264 | ~/.ssh/authorized_keys on all machines where the user wishes to |
264 | to log in using public key authentication. There is no need to | 265 | log in using public key authentication. There is no need to keep |
265 | keep the contents of this file secret. | 266 | the contents of this file secret. |
266 | 267 | ||
267 | /etc/moduli | 268 | /etc/moduli |
268 | Contains Diffie-Hellman groups used for DH-GEX. The file format | 269 | Contains Diffie-Hellman groups used for DH-GEX. The file format |
@@ -281,4 +282,4 @@ AUTHORS | |||
281 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 282 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
282 | versions 1.5 and 2.0. | 283 | versions 1.5 and 2.0. |
283 | 284 | ||
284 | OpenBSD 3.6 September 25, 1999 5 | 285 | OpenBSD 3.8 September 25, 1999 5 |