1 files changed, 119 insertions, 12 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 000e8ff2a..dc4bcacd0 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.56 2003/03/28 10:11:43 jmc Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.60 2003/07/28 09:49:56 djm Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -83,17 +83,38 @@
 .Nm ssh-keygen
 .Fl U Ar reader
 .Op Fl f Ar input_keyfile
+.Nm ssh-keygen
+.Fl r Ar hostname
+.Op Fl f Ar input_keyfile
+.Op Fl g
+.Nm ssh-keygen
+.Fl G Ar output_file
+.Op Fl b Ar bits
+.Op Fl M Ar memory
+.Op Fl S Ar start_point
+.Nm ssh-keygen
+.Fl T Ar output_file
+.Fl f Ar input_file
+.Op Fl a Ar num_trials
+.Op Fl W Ar generator
 .Sh DESCRIPTION
 .Nm
 generates, manages and converts authentication keys for
 .Xr ssh 1 .
 .Nm
 can create RSA keys for use by SSH protocol version 1 and RSA or DSA
-keys for use by SSH protocol version 2. The type of key to be generated
+keys for use by SSH protocol version 2.
-is specified with the
+The type of key to be generated is specified with the
 .Fl t
 option.
 .Pp
+.Nm
+is also used to generate groups for use in Diffie-Hellman group
+exchange (DH-GEX).
+See the
+.Sx MODULI GENERATION
+section for details.
+.Pp
 Normally each user wishing to use SSH
 with RSA or DSA authentication runs this once to create the authentication
 key in
@@ -146,6 +167,11 @@ should be placed to be activated.
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl a Ar trials
+Specifies the number of primality tests to perform when screening DH-GEX
+candidates using the
+.Fl T
+command.
 .It Fl b Ar bits
 Specifies the number of bits in the key to create.
 Minimum is 512 bits.
@@ -163,6 +189,8 @@ print the key in a
 to stdout.
 This option allows exporting keys for use by several commercial
 SSH implementations.
+.It Fl g
+Use generic DNS resource record format.
 .It Fl f Ar filename
 Specifies the filename of the key file.
 .It Fl i
@@ -211,14 +239,88 @@ Provides the new comment.
 .It Fl D Ar reader
 Download the RSA public key stored in the smartcard in
 .Ar reader .
+.It Fl G Ar output_file
+Generate candidate primes for DH-GEX.
+These primes must be screened for
+safety (using the
+.Fl T
+option) before use.
+.It Fl M Ar memory
+Specify the amount of memory to use (in megabytes) when generating
+candidate moduli for DH-GEX.
 .It Fl N Ar new_passphrase
 Provides the new passphrase.
 .It Fl P Ar passphrase
 Provides the (old) passphrase.
+.It Fl S Ar start
+Specify start point (in hex) when generating candidate moduli for DH-GEX.
+.It Fl T Ar output_file
+Test DH group exchange candidate primes (generated using the
+.Fl G
+option) for safety.
+.It Fl W Ar generator
+Specify desired generator when testing candidate moduli for DH-GEX.
 .It Fl U Ar reader
 Upload an existing RSA private key into the smartcard in
 .Ar reader .
+.It Fl r Ar hostname
+Print DNS resource record with the specified
+.Ar hostname .
 .El
+.Sh MODULI GENERATION
+.Nm
+may be used to generate groups for the Diffie-Hellman Group Exchange
+(DH-GEX) protocol.
+Generating these groups is a two-step process: first, candidate
+primes are generated using a fast, but memory intensive process.
+These candidate primes are then tested for suitability (a CPU-intensive
+process).
+.Pp
+Generation of primes is performed using the
+.Fl G
+option.
+The desired length of the primes may be specified by the
+.Fl b
+option.
+For example:
+.Pp
+.Dl ssh-keygen -G moduli-2048.candidates -b 2048
+.Pp
+By default, the search for primes begins at a random point in the
+desired length range.
+This may be overridden using the
+.Fl S
+option, which specifies a different start point (in hex).
+.Pp
+Once a set of candidates have been generated, they must be tested for
+suitability.
+This may be performed using the
+.Fl T
+option.
+In this mode
+.Nm
+will read candidates from standard input (or a file specified using the
+.Fl f
+option).
+For example:
+.Pp
+.Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates
+.Pp
+By default, each candidate will be subjected to 100 primality tests.
+This may be overridden using the
+.Fl a
+option.
+The DH generator value will be chosen automatically for the
+prime under consideration.
+If a specific generator is desired, it may be requested using the
+.Fl W
+option.
+Valid generator values are 2, 3 and 5.
+.Pp
+Screened DH groups may be installed in
+.Pa /etc/moduli .
+It is important that this file contains moduli of a range of bit lengths and
+that both ends of a connection share common moduli.
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa $HOME/.ssh/identity
@@ -275,20 +377,16 @@ The contents of this file should be added to
 on all machines
 where the user wishes to log in using public key authentication.
 There is no need to keep the contents of this file secret.
+.It Pa /etc/moduli
+Contains Diffie-Hellman groups used for DH-GEX.
+The file format is described in
+.Xr moduli 5 .
 .El
-.Sh AUTHORS
-OpenSSH is a derivative of the original and free
-ssh 1.2.12 release by Tatu Ylonen.
-Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
-Theo de Raadt and Dug Song
-removed many bugs, re-added newer features and
-created OpenSSH.
-Markus Friedl contributed the support for SSH
-protocol versions 1.5 and 2.0.
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-add 1 ,
 .Xr ssh-agent 1 ,
+.Xr moduli 5 ,
 .Xr sshd 8
 .Rs
 .%A J. Galbraith
@@ -298,3 +396,12 @@ protocol versions 1.5 and 2.0.
 .%D March 2001
 .%O work in progress material
 .Re
+.Sh AUTHORS
+OpenSSH is a derivative of the original and free
+ssh 1.2.12 release by Tatu Ylonen.
+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
+Theo de Raadt and Dug Song
+removed many bugs, re-added newer features and
+created OpenSSH.
+Markus Friedl contributed the support for SSH
+protocol versions 1.5 and 2.0.

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 000e8ff2a..dc4bcacd0 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.56 2003/03/28 10:11:43 jmc Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.60 2003/07/28 09:49:56 djm Exp $
2	.\"	2	.\"
3	.\" -- nroff --	3	.\" -- nroff --
4	.\"	4	.\"
@@ -83,17 +83,38 @@
83	.Nm ssh-keygen	83	.Nm ssh-keygen
84	.Fl U Ar reader	84	.Fl U Ar reader
85	.Op Fl f Ar input_keyfile	85	.Op Fl f Ar input_keyfile
		86	.Nm ssh-keygen
		87	.Fl r Ar hostname
		88	.Op Fl f Ar input_keyfile
		89	.Op Fl g
		90	.Nm ssh-keygen
		91	.Fl G Ar output_file
		92	.Op Fl b Ar bits
		93	.Op Fl M Ar memory
		94	.Op Fl S Ar start_point
		95	.Nm ssh-keygen
		96	.Fl T Ar output_file
		97	.Fl f Ar input_file
		98	.Op Fl a Ar num_trials
		99	.Op Fl W Ar generator
86	.Sh DESCRIPTION	100	.Sh DESCRIPTION
87	.Nm	101	.Nm
88	generates, manages and converts authentication keys for	102	generates, manages and converts authentication keys for
89	.Xr ssh 1 .	103	.Xr ssh 1 .
90	.Nm	104	.Nm
91	can create RSA keys for use by SSH protocol version 1 and RSA or DSA	105	can create RSA keys for use by SSH protocol version 1 and RSA or DSA
92	keys for use by SSH protocol version 2. The type of key to be generated	106	keys for use by SSH protocol version 2.
93	is specified with the	107	The type of key to be generated is specified with the
94	.Fl t	108	.Fl t
95	option.	109	option.
96	.Pp	110	.Pp
		111	.Nm
		112	is also used to generate groups for use in Diffie-Hellman group
		113	exchange (DH-GEX).
		114	See the
		115	.Sx MODULI GENERATION
		116	section for details.
		117	.Pp
97	Normally each user wishing to use SSH	118	Normally each user wishing to use SSH
98	with RSA or DSA authentication runs this once to create the authentication	119	with RSA or DSA authentication runs this once to create the authentication
99	key in	120	key in
@@ -146,6 +167,11 @@ should be placed to be activated.
146	.Pp	167	.Pp
147	The options are as follows:	168	The options are as follows:
148	.Bl -tag -width Ds	169	.Bl -tag -width Ds
		170	.It Fl a Ar trials
		171	Specifies the number of primality tests to perform when screening DH-GEX
		172	candidates using the
		173	.Fl T
		174	command.
149	.It Fl b Ar bits	175	.It Fl b Ar bits
150	Specifies the number of bits in the key to create.	176	Specifies the number of bits in the key to create.
151	Minimum is 512 bits.	177	Minimum is 512 bits.
@@ -163,6 +189,8 @@ print the key in a
163	to stdout.	189	to stdout.
164	This option allows exporting keys for use by several commercial	190	This option allows exporting keys for use by several commercial
165	SSH implementations.	191	SSH implementations.
		192	.It Fl g
		193	Use generic DNS resource record format.
166	.It Fl f Ar filename	194	.It Fl f Ar filename
167	Specifies the filename of the key file.	195	Specifies the filename of the key file.
168	.It Fl i	196	.It Fl i
@@ -211,14 +239,88 @@ Provides the new comment.
211	.It Fl D Ar reader	239	.It Fl D Ar reader
212	Download the RSA public key stored in the smartcard in	240	Download the RSA public key stored in the smartcard in
213	.Ar reader .	241	.Ar reader .
		242	.It Fl G Ar output_file
		243	Generate candidate primes for DH-GEX.
		244	These primes must be screened for
		245	safety (using the
		246	.Fl T
		247	option) before use.
		248	.It Fl M Ar memory
		249	Specify the amount of memory to use (in megabytes) when generating
		250	candidate moduli for DH-GEX.
214	.It Fl N Ar new_passphrase	251	.It Fl N Ar new_passphrase
215	Provides the new passphrase.	252	Provides the new passphrase.
216	.It Fl P Ar passphrase	253	.It Fl P Ar passphrase
217	Provides the (old) passphrase.	254	Provides the (old) passphrase.
		255	.It Fl S Ar start
		256	Specify start point (in hex) when generating candidate moduli for DH-GEX.
		257	.It Fl T Ar output_file
		258	Test DH group exchange candidate primes (generated using the
		259	.Fl G
		260	option) for safety.
		261	.It Fl W Ar generator
		262	Specify desired generator when testing candidate moduli for DH-GEX.
218	.It Fl U Ar reader	263	.It Fl U Ar reader
219	Upload an existing RSA private key into the smartcard in	264	Upload an existing RSA private key into the smartcard in
220	.Ar reader .	265	.Ar reader .
		266	.It Fl r Ar hostname
		267	Print DNS resource record with the specified
		268	.Ar hostname .
221	.El	269	.El
		270	.Sh MODULI GENERATION
		271	.Nm
		272	may be used to generate groups for the Diffie-Hellman Group Exchange
		273	(DH-GEX) protocol.
		274	Generating these groups is a two-step process: first, candidate
		275	primes are generated using a fast, but memory intensive process.
		276	These candidate primes are then tested for suitability (a CPU-intensive
		277	process).
		278	.Pp
		279	Generation of primes is performed using the
		280	.Fl G
		281	option.
		282	The desired length of the primes may be specified by the
		283	.Fl b
		284	option.
		285	For example:
		286	.Pp
		287	.Dl ssh-keygen -G moduli-2048.candidates -b 2048
		288	.Pp
		289	By default, the search for primes begins at a random point in the
		290	desired length range.
		291	This may be overridden using the
		292	.Fl S
		293	option, which specifies a different start point (in hex).
		294	.Pp
		295	Once a set of candidates have been generated, they must be tested for
		296	suitability.
		297	This may be performed using the
		298	.Fl T
		299	option.
		300	In this mode
		301	.Nm
		302	will read candidates from standard input (or a file specified using the
		303	.Fl f
		304	option).
		305	For example:
		306	.Pp
		307	.Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates
		308	.Pp
		309	By default, each candidate will be subjected to 100 primality tests.
		310	This may be overridden using the
		311	.Fl a
		312	option.
		313	The DH generator value will be chosen automatically for the
		314	prime under consideration.
		315	If a specific generator is desired, it may be requested using the
		316	.Fl W
		317	option.
		318	Valid generator values are 2, 3 and 5.
		319	.Pp
		320	Screened DH groups may be installed in
		321	.Pa /etc/moduli .
		322	It is important that this file contains moduli of a range of bit lengths and
		323	that both ends of a connection share common moduli.
222	.Sh FILES	324	.Sh FILES
223	.Bl -tag -width Ds	325	.Bl -tag -width Ds
224	.It Pa $HOME/.ssh/identity	326	.It Pa $HOME/.ssh/identity
@@ -275,20 +377,16 @@ The contents of this file should be added to
275	on all machines	377	on all machines
276	where the user wishes to log in using public key authentication.	378	where the user wishes to log in using public key authentication.
277	There is no need to keep the contents of this file secret.	379	There is no need to keep the contents of this file secret.
		380	.It Pa /etc/moduli
		381	Contains Diffie-Hellman groups used for DH-GEX.
		382	The file format is described in
		383	.Xr moduli 5 .
278	.El	384	.El
279	.Sh AUTHORS
280	OpenSSH is a derivative of the original and free
281	ssh 1.2.12 release by Tatu Ylonen.
282	Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
283	Theo de Raadt and Dug Song
284	removed many bugs, re-added newer features and
285	created OpenSSH.
286	Markus Friedl contributed the support for SSH
287	protocol versions 1.5 and 2.0.
288	.Sh SEE ALSO	385	.Sh SEE ALSO
289	.Xr ssh 1 ,	386	.Xr ssh 1 ,
290	.Xr ssh-add 1 ,	387	.Xr ssh-add 1 ,
291	.Xr ssh-agent 1 ,	388	.Xr ssh-agent 1 ,
		389	.Xr moduli 5 ,
292	.Xr sshd 8	390	.Xr sshd 8
293	.Rs	391	.Rs
294	.%A J. Galbraith	392	.%A J. Galbraith
@@ -298,3 +396,12 @@ protocol versions 1.5 and 2.0.
298	.%D March 2001	396	.%D March 2001
299	.%O work in progress material	397	.%O work in progress material
300	.Re	398	.Re
		399	.Sh AUTHORS
		400	OpenSSH is a derivative of the original and free
		401	ssh 1.2.12 release by Tatu Ylonen.
		402	Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
		403	Theo de Raadt and Dug Song
		404	removed many bugs, re-added newer features and
		405	created OpenSSH.
		406	Markus Friedl contributed the support for SSH
		407	protocol versions 1.5 and 2.0.