1 files changed, 80 insertions, 8 deletions

diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 515d9f94c..2db957554 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -15,12 +15,18 @@ SYNOPSIS
      ssh-keygen -B [-f input_keyfile]
      ssh-keygen -D reader
      ssh-keygen -U reader [-f input_keyfile]
+     ssh-keygen -r hostname [-f input_keyfile] [-g]
+     ssh-keygen -G output_file [-b bits] [-M memory] [-S start_point]
+     ssh-keygen -T output_file -f input_file [-a num_trials] [-W generator]
 
 DESCRIPTION
      ssh-keygen generates, manages and converts authentication keys for
      ssh(1).  ssh-keygen can create RSA keys for use by SSH protocol version 1
-     and RSA or DSA keys for use by SSH protocol version 2. The type of key to
-     be generated is specified with the -t option.
+     and RSA or DSA keys for use by SSH protocol version 2.  The type of key
+     to be generated is specified with the -t option.
+
+     ssh-keygen is also used to generate groups for use in Diffie-Hellman
+     group exchange (DH-GEX).  See the MODULI GENERATION section for details.
 
      Normally each user wishing to use SSH with RSA or DSA authentication runs
      this once to create the authentication key in $HOME/.ssh/identity,
@@ -56,6 +62,10 @@ DESCRIPTION
 
      The options are as follows:
 
+     -a trials
+             Specifies the number of primality tests to perform when screening
+             DH-GEX candidates using the -T command.
+
      -b bits
              Specifies the number of bits in the key to create.  Minimum is
              512 bits.  Generally, 1024 bits is considered sufficient.  The
@@ -71,6 +81,8 @@ DESCRIPTION
              This option allows exporting keys for use by several commercial
              SSH implementations.
 
+     -g      Use generic DNS resource record format.
+
      -f filename
              Specifies the filename of the key file.
 
@@ -108,15 +120,71 @@ DESCRIPTION
      -D reader
              Download the RSA public key stored in the smartcard in reader.
 
+     -G output_file
+             Generate candidate primes for DH-GEX.  These primes must be
+             screened for safety (using the -T option) before use.
+
+     -M memory
+             Specify the amount of memory to use (in megabytes) when generat-
+             ing candidate moduli for DH-GEX.
+
      -N new_passphrase
              Provides the new passphrase.
 
      -P passphrase
              Provides the (old) passphrase.
 
+     -S start
+             Specify start point (in hex) when generating candidate moduli for
+             DH-GEX.
+
+     -T output_file
+             Test DH group exchange candidate primes (generated using the -G
+             option) for safety.
+
+     -W generator
+             Specify desired generator when testing candidate moduli for DH-
+             GEX.
+
      -U reader
              Upload an existing RSA private key into the smartcard in reader.
 
+     -r hostname
+             Print DNS resource record with the specified hostname.
+
+MODULI GENERATION
+     ssh-keygen may be used to generate groups for the Diffie-Hellman Group
+     Exchange (DH-GEX) protocol.  Generating these groups is a two-step pro-
+     cess: first, candidate primes are generated using a fast, but memory
+     intensive process.  These candidate primes are then tested for suitabil-
+     ity (a CPU-intensive process).
+
+     Generation of primes is performed using the -G option.  The desired
+     length of the primes may be specified by the -b option.  For example:
+
+           ssh-keygen -G moduli-2048.candidates -b 2048
+
+     By default, the search for primes begins at a random point in the desired
+     length range.  This may be overridden using the -S option, which speci-
+     fies a different start point (in hex).
+
+     Once a set of candidates have been generated, they must be tested for
+     suitability.  This may be performed using the -T option.  In this mode
+     ssh-keygen will read candidates from standard input (or a file specified
+     using the -f option).  For example:
+
+           ssh-keygen -T moduli-2048 -f moduli-2048.candidates
+
+     By default, each candidate will be subjected to 100 primality tests.
+     This may be overridden using the -a option.  The DH generator value will
+     be chosen automatically for the prime under consideration.  If a specific
+     generator is desired, it may be requested using the -W option.  Valid
+     generator values are 2, 3 and 5.
+
+     Screened DH groups may be installed in /etc/moduli.  It is important that
+     this file contains moduli of a range of bit lengths and that both ends of
+     a connection share common moduli.
+
 FILES
      $HOME/.ssh/identity
              Contains the protocol version 1 RSA authentication identity of
@@ -166,6 +234,16 @@ FILES
              to log in using public key authentication.  There is no need to
              keep the contents of this file secret.
 
+     /etc/moduli
+             Contains Diffie-Hellman groups used for DH-GEX.  The file format
+             is described in moduli(5).
+
+SEE ALSO
+     ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)
+
+     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
+     secsh-publickeyfile-01.txt, March 2001, work in progress material.
+
 AUTHORS
      OpenSSH is a derivative of the original and free ssh 1.2.12 release by
      Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
@@ -173,10 +251,4 @@ AUTHORS
      ated OpenSSH.  Markus Friedl contributed the support for SSH protocol
      versions 1.5 and 2.0.
 
-SEE ALSO
-     ssh(1), ssh-add(1), ssh-agent(1), sshd(8)
-
-     J. Galbraith and R. Thayer, SECSH Public Key File Format, draft-ietf-
-     secsh-publickeyfile-01.txt, March 2001, work in progress material.
-
 BSD                           September 25, 1999                           BSD