1 files changed, 12 insertions, 13 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 1b77bdf6d..e48597388 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.179 2019/11/30 07:07:59 jmc Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.180 2019/12/21 20:22:34 naddy Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 30 2019 $
+.Dd $Mdocdate: December 21 2019 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -537,7 +537,7 @@ Allows X11 forwarding.
 .It Ic no-touch-required
 Do not require signatures made using this key require demonstration
 of user presence (e.g. by having the user touch the key).
-This option only makes sense for the Security Key algorithms
+This option only makes sense for the FIDO authenticator algorithms
 .Cm ecdsa-sk
 and
 .Cm ed25519-sk .
@@ -673,11 +673,11 @@ The maximum is 3.
 .It Fl W Ar generator
 Specify desired generator when testing candidate moduli for DH-GEX.
 .It Fl w Ar provider
-Specifies a path to a security key provider library that will be used when
+Specifies a path to a library that will be used when creating
-creating any security key-hosted keys, overriding the default of the
+FIDO authenticator-hosted keys, overriding the default of using
-internal support for USB HID keys.
+the internal USB HID support.
 .It Fl x Ar flags
-Specifies the security key flags to use when enrolling a security key-hosted
+Specifies the authenticator flags to use when enrolling an authenticator-hosted
 key.
 Flags may be specified by name or directly as a hexadecimal value.
 Only one named flag is supported at present:
@@ -1053,8 +1053,7 @@ user2@example.com namespaces="file" ssh-ed25519 AAA41...
 .Sh ENVIRONMENT
 .Bl -tag -width Ds
 .It Ev SSH_SK_PROVIDER
-Specifies the path to a security key provider library used to interact with
+Specifies the path to a library used to interact with FIDO authenticators.
-hardware security keys.
 .El
 .Sh FILES
 .Bl -tag -width Ds -compact
@@ -1064,8 +1063,8 @@ hardware security keys.
 .It Pa ~/.ssh/id_ed25519
 .It Pa ~/.ssh/id_ed25519_sk
 .It Pa ~/.ssh/id_rsa
-Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519,
+Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519,
-security key-hosted Ed25519 or RSA authentication identity of the user.
+authenticator-hosted Ed25519 or RSA authentication identity of the user.
 This file should not be readable by anyone but the user.
 It is possible to
 specify a passphrase when generating the key; that passphrase will be
@@ -1082,8 +1081,8 @@ will read this file when a login attempt is made.
 .It Pa ~/.ssh/id_ed25519.pub
 .It Pa ~/.ssh/id_ed25519_sk.pub
 .It Pa ~/.ssh/id_rsa.pub
-Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519,
+Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519,
-security key-hosted Ed25519 or RSA public key for authentication.
+authenticator-hosted Ed25519 or RSA public key for authentication.
 The contents of this file should be added to
 .Pa ~/.ssh/authorized_keys
 on all machines

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 1b77bdf6d..e48597388 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.179 2019/11/30 07:07:59 jmc Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.180 2019/12/21 20:22:34 naddy Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37	.\"	37	.\"
38	.Dd $Mdocdate: November 30 2019 $	38	.Dd $Mdocdate: December 21 2019 $
39	.Dt SSH-KEYGEN 1	39	.Dt SSH-KEYGEN 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -537,7 +537,7 @@ Allows X11 forwarding.
537	.It Ic no-touch-required	537	.It Ic no-touch-required
538	Do not require signatures made using this key require demonstration	538	Do not require signatures made using this key require demonstration
539	of user presence (e.g. by having the user touch the key).	539	of user presence (e.g. by having the user touch the key).
540	This option only makes sense for the Security Key algorithms	540	This option only makes sense for the FIDO authenticator algorithms
541	.Cm ecdsa-sk	541	.Cm ecdsa-sk
542	and	542	and
543	.Cm ed25519-sk .	543	.Cm ed25519-sk .
@@ -673,11 +673,11 @@ The maximum is 3.
673	.It Fl W Ar generator	673	.It Fl W Ar generator
674	Specify desired generator when testing candidate moduli for DH-GEX.	674	Specify desired generator when testing candidate moduli for DH-GEX.
675	.It Fl w Ar provider	675	.It Fl w Ar provider
676	Specifies a path to a security key provider library that will be used when	676	Specifies a path to a library that will be used when creating
677	creating any security key-hosted keys, overriding the default of the	677	FIDO authenticator-hosted keys, overriding the default of using
678	internal support for USB HID keys.	678	the internal USB HID support.
679	.It Fl x Ar flags	679	.It Fl x Ar flags
680	Specifies the security key flags to use when enrolling a security key-hosted	680	Specifies the authenticator flags to use when enrolling an authenticator-hosted
681	key.	681	key.
682	Flags may be specified by name or directly as a hexadecimal value.	682	Flags may be specified by name or directly as a hexadecimal value.
683	Only one named flag is supported at present:	683	Only one named flag is supported at present:
@@ -1053,8 +1053,7 @@ user2@example.com namespaces="file" ssh-ed25519 AAA41...
1053	.Sh ENVIRONMENT	1053	.Sh ENVIRONMENT
1054	.Bl -tag -width Ds	1054	.Bl -tag -width Ds
1055	.It Ev SSH_SK_PROVIDER	1055	.It Ev SSH_SK_PROVIDER
1056	Specifies the path to a security key provider library used to interact with	1056	Specifies the path to a library used to interact with FIDO authenticators.
1057	hardware security keys.
1058	.El	1057	.El
1059	.Sh FILES	1058	.Sh FILES
1060	.Bl -tag -width Ds -compact	1059	.Bl -tag -width Ds -compact
@@ -1064,8 +1063,8 @@ hardware security keys.
1064	.It Pa ~/.ssh/id_ed25519	1063	.It Pa ~/.ssh/id_ed25519
1065	.It Pa ~/.ssh/id_ed25519_sk	1064	.It Pa ~/.ssh/id_ed25519_sk
1066	.It Pa ~/.ssh/id_rsa	1065	.It Pa ~/.ssh/id_rsa
1067	Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519,	1066	Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519,
1068	security key-hosted Ed25519 or RSA authentication identity of the user.	1067	authenticator-hosted Ed25519 or RSA authentication identity of the user.
1069	This file should not be readable by anyone but the user.	1068	This file should not be readable by anyone but the user.
1070	It is possible to	1069	It is possible to
1071	specify a passphrase when generating the key; that passphrase will be	1070	specify a passphrase when generating the key; that passphrase will be
@@ -1082,8 +1081,8 @@ will read this file when a login attempt is made.
1082	.It Pa ~/.ssh/id_ed25519.pub	1081	.It Pa ~/.ssh/id_ed25519.pub
1083	.It Pa ~/.ssh/id_ed25519_sk.pub	1082	.It Pa ~/.ssh/id_ed25519_sk.pub
1084	.It Pa ~/.ssh/id_rsa.pub	1083	.It Pa ~/.ssh/id_rsa.pub
1085	Contains the DSA, ECDSA, security key-hosted ECDSA, Ed25519,	1084	Contains the DSA, ECDSA, authenticator-hosted ECDSA, Ed25519,
1086	security key-hosted Ed25519 or RSA public key for authentication.	1085	authenticator-hosted Ed25519 or RSA public key for authentication.
1087	The contents of this file should be added to	1086	The contents of this file should be added to
1088	.Pa ~/.ssh/authorized_keys	1087	.Pa ~/.ssh/authorized_keys
1089	on all machines	1088	on all machines