1 files changed, 9 insertions, 5 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 74b3124f5..37a4fc2b2 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.129 2015/11/13 04:34:15 djm Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.130 2016/02/17 07:38:19 jmc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 13 2015 $
+.Dd $Mdocdate: February 17 2016 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -141,8 +141,12 @@
 generates, manages and converts authentication keys for
 .Xr ssh 1 .
 .Nm
-can create RSA keys for use by SSH protocol version 1 and
+can create keys for use by SSH protocol versions 1 and 2.
-DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
+Protocol 1 should not be used
+and is only offered to support legacy devices.
+It suffers from a number of cryptographic weaknesses
+and doesn't support many of the advanced features available for protocol 2.
+.Pp
 The type of key to be generated is specified with the
 .Fl t
 option.
@@ -474,7 +478,7 @@ At present, no options are valid for host keys.
 .It Fl o
 Causes
 .Nm
-to save SSH protocol 2 private keys using the new OpenSSH format rather than
+to save private keys using the new OpenSSH format rather than
 the more compatible PEM format.
 The new format has increased resistance to brute-force password cracking
 but is not supported by versions of OpenSSH prior to 6.5.

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 74b3124f5..37a4fc2b2 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.129 2015/11/13 04:34:15 djm Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.130 2016/02/17 07:38:19 jmc Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37	.\"	37	.\"
38	.Dd $Mdocdate: November 13 2015 $	38	.Dd $Mdocdate: February 17 2016 $
39	.Dt SSH-KEYGEN 1	39	.Dt SSH-KEYGEN 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -141,8 +141,12 @@
141	generates, manages and converts authentication keys for	141	generates, manages and converts authentication keys for
142	.Xr ssh 1 .	142	.Xr ssh 1 .
143	.Nm	143	.Nm
144	can create RSA keys for use by SSH protocol version 1 and	144	can create keys for use by SSH protocol versions 1 and 2.
145	DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.	145	Protocol 1 should not be used
		146	and is only offered to support legacy devices.
		147	It suffers from a number of cryptographic weaknesses
		148	and doesn't support many of the advanced features available for protocol 2.
		149	.Pp
146	The type of key to be generated is specified with the	150	The type of key to be generated is specified with the
147	.Fl t	151	.Fl t
148	option.	152	option.
@@ -474,7 +478,7 @@ At present, no options are valid for host keys.
474	.It Fl o	478	.It Fl o
475	Causes	479	Causes
476	.Nm	480	.Nm
477	to save SSH protocol 2 private keys using the new OpenSSH format rather than	481	to save private keys using the new OpenSSH format rather than
478	the more compatible PEM format.	482	the more compatible PEM format.
479	The new format has increased resistance to brute-force password cracking	483	The new format has increased resistance to brute-force password cracking
480	but is not supported by versions of OpenSSH prior to 6.5.	484	but is not supported by versions of OpenSSH prior to 6.5.