diff options
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 33e0bbcc1..da6b5ed76 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.148 2018/08/08 01:16:01 djm Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.150 2018/09/12 06:18:59 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: August 8 2018 $ | 38 | .Dd $Mdocdate: September 12 2018 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -810,7 +810,20 @@ option. | |||
810 | Revokes the specified key. | 810 | Revokes the specified key. |
811 | If a certificate is listed, then it is revoked as a plain public key. | 811 | If a certificate is listed, then it is revoked as a plain public key. |
812 | .It Cm sha1 : Ar public_key | 812 | .It Cm sha1 : Ar public_key |
813 | Revokes the specified key by its SHA1 hash. | 813 | Revokes the specified key by including its SHA1 hash in the KRL. |
814 | .It Cm sha256 : Ar public_key | ||
815 | Revokes the specified key by including its SHA256 hash in the KRL. | ||
816 | KRLs that revoke keys by SHA256 hash are not supported by OpenSSH versions | ||
817 | prior to 7.9. | ||
818 | .It Cm hash : Ar fingerprint | ||
819 | Revokes a key using a fingerprint hash, as obtained from a | ||
820 | .Xr sshd 8 | ||
821 | authentication log message or the | ||
822 | .Nm | ||
823 | .Fl l | ||
824 | flag. | ||
825 | Only SHA256 fingerprints are supported here and resultant KRLs are | ||
826 | not supported by OpenSSH versions prior to 7.9. | ||
814 | .El | 827 | .El |
815 | .Pp | 828 | .Pp |
816 | KRLs may be updated using the | 829 | KRLs may be updated using the |