1 files changed, 57 insertions, 6 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 486de0421..50e74e110 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 23:55:14 1995 ylo
 .\"
-.\" $Id: ssh-keygen.1,v 1.13 2000/04/29 13:57:12 damien Exp $
+.\" $Id: ssh-keygen.1,v 1.14 2000/05/07 02:03:18 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSH-KEYGEN 1
@@ -19,7 +19,7 @@
 .Nd authentication key generation
 .Sh SYNOPSIS
 .Nm ssh-keygen
-.Op Fl q
+.Op Fl dq
 .Op Fl b Ar bits
 .Op Fl N Ar new_passphrase
 .Op Fl C Ar comment
@@ -30,6 +30,15 @@
 .Op Fl N Ar new_passphrase
 .Op Fl f Ar keyfile
 .Nm ssh-keygen
+.Fl x
+.Op Fl f Ar keyfile
+.Nm ssh-keygen
+.Fl X
+.Op Fl f Ar keyfile
+.Nm ssh-keygen
+.Fl y
+.Op Fl f Ar keyfile
+.Nm ssh-keygen
 .Fl c
 .Op Fl P Ar passphrase
 .Op Fl C Ar comment
@@ -43,11 +52,21 @@
 .Nm
 generates and manages authentication keys for
 .Xr ssh 1 .
+.Nm
+defaults to generating an RSA key for use by protocols 1.3 and 1.5;
+specifying the
+.Fl d
+flag will create a DSA key instead for use by protocol 2.0.
+.Pp
 Normally each user wishing to use SSH
-with RSA authentication runs this once to create the authentication
+with RSA or DSA authentication runs this once to create the authentication
 key in
-.Pa $HOME/.ssh/identity .
+.Pa $HOME/.ssh/identity
-Additionally, the system administrator may use this to generate host keys.
+or
+.Pa $HOME/.ssh/id_dsa .
+Additionally, the system administrator may use this to generate host keys,
+as seen in
+.Pa /etc/rc .
 .Pp
 Normally this program generates the key and asks for a file in which
 to store the private key.
@@ -71,7 +90,7 @@ If the passphrase is
 lost or forgotten, you will have to generate a new key and copy the
 corresponding public key to other machines.
 .Pp
-There is also a comment field in the key file that is only for
+For RSA, there is also a comment field in the key file that is only for
 convenience to the user to help identify the key.
 The comment can tell what the key is for, or whatever is useful.
 The comment is initialized to
@@ -80,6 +99,9 @@ when the key is created, but can be changed using the
 .Fl c
 option.
 .Pp
+After a key is generated, instructions below detail where the keys
+should be placed to be activated.
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
 .It Fl b Ar bits
@@ -118,6 +140,15 @@ Provides the (old) passphrase.
 If RSA support is functional, immediately exits with code 0.  If RSA
 support is not functional, exits with code 1.  This flag will be
 removed once the RSA patent expires.
+.It Fl x
+This option will read a private
+OpenSSH DSA format file and prints to stdout a SSH2-compatible public key.
+.It Fl X
+This option will read a
+SSH2-compatible public key file and print to stdout an OpenSSH DSA compatible public key.
+.It Fl y
+This option will read a private
+OpenSSH DSA format file and prints to stdout an OpenSSH DSA public key.
 .El
 .Sh FILES
 .Bl -tag -width Ds
@@ -130,6 +161,8 @@ used to encrypt the private part of this file using 3DES.
 This file is not automatically accessed by
 .Nm
 but it is offered as the default file for the private key.
+.Xr sshd 8
+will read this file when a login attempt is made.
 .It Pa $HOME/.ssh/identity.pub
 Contains the public key for authentication.
 The contents of this file should be added to
@@ -137,6 +170,24 @@ The contents of this file should be added to
 on all machines
 where you wish to log in using RSA authentication.
 There is no need to keep the contents of this file secret.
+.It Pa $HOME/.ssh/id_dsa
+Contains the DSA authentication identity of the user.
+This file should not be readable by anyone but the user.
+It is possible to
+specify a passphrase when generating the key; that passphrase will be
+used to encrypt the private part of this file using 3DES.
+This file is not automatically accessed by
+.Nm
+but it is offered as the default file for the private key.
+.Xr sshd 8
+will read this file when a login attempt is made.
+.It Pa $HOME/.ssh/id_dsa.pub
+Contains the public key for authentication.
+The contents of this file should be added to
+.Pa $HOME/.ssh/authorized_keys2
+on all machines
+where you wish to log in using DSA authentication.
+There is no need to keep the contents of this file secret.
 .Sh AUTHOR
 Tatu Ylonen <ylo@cs.hut.fi>
 .Pp

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 486de0421..50e74e110 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -9,7 +9,7 @@
9	.\"	9	.\"
10	.\" Created: Sat Apr 22 23:55:14 1995 ylo	10	.\" Created: Sat Apr 22 23:55:14 1995 ylo
11	.\"	11	.\"
12	.\" $Id: ssh-keygen.1,v 1.13 2000/04/29 13:57:12 damien Exp $	12	.\" $Id: ssh-keygen.1,v 1.14 2000/05/07 02:03:18 damien Exp $
13	.\"	13	.\"
14	.Dd September 25, 1999	14	.Dd September 25, 1999
15	.Dt SSH-KEYGEN 1	15	.Dt SSH-KEYGEN 1
@@ -19,7 +19,7 @@
19	.Nd authentication key generation	19	.Nd authentication key generation
20	.Sh SYNOPSIS	20	.Sh SYNOPSIS
21	.Nm ssh-keygen	21	.Nm ssh-keygen
22	.Op Fl q	22	.Op Fl dq
23	.Op Fl b Ar bits	23	.Op Fl b Ar bits
24	.Op Fl N Ar new_passphrase	24	.Op Fl N Ar new_passphrase
25	.Op Fl C Ar comment	25	.Op Fl C Ar comment
@@ -30,6 +30,15 @@
30	.Op Fl N Ar new_passphrase	30	.Op Fl N Ar new_passphrase
31	.Op Fl f Ar keyfile	31	.Op Fl f Ar keyfile
32	.Nm ssh-keygen	32	.Nm ssh-keygen
		33	.Fl x
		34	.Op Fl f Ar keyfile
		35	.Nm ssh-keygen
		36	.Fl X
		37	.Op Fl f Ar keyfile
		38	.Nm ssh-keygen
		39	.Fl y
		40	.Op Fl f Ar keyfile
		41	.Nm ssh-keygen
33	.Fl c	42	.Fl c
34	.Op Fl P Ar passphrase	43	.Op Fl P Ar passphrase
35	.Op Fl C Ar comment	44	.Op Fl C Ar comment
@@ -43,11 +52,21 @@
43	.Nm	52	.Nm
44	generates and manages authentication keys for	53	generates and manages authentication keys for
45	.Xr ssh 1 .	54	.Xr ssh 1 .
		55	.Nm
		56	defaults to generating an RSA key for use by protocols 1.3 and 1.5;
		57	specifying the
		58	.Fl d
		59	flag will create a DSA key instead for use by protocol 2.0.
		60	.Pp
46	Normally each user wishing to use SSH	61	Normally each user wishing to use SSH
47	with RSA authentication runs this once to create the authentication	62	with RSA or DSA authentication runs this once to create the authentication
48	key in	63	key in
49	.Pa $HOME/.ssh/identity .	64	.Pa $HOME/.ssh/identity
50	Additionally, the system administrator may use this to generate host keys.	65	or
		66	.Pa $HOME/.ssh/id_dsa .
		67	Additionally, the system administrator may use this to generate host keys,
		68	as seen in
		69	.Pa /etc/rc .
51	.Pp	70	.Pp
52	Normally this program generates the key and asks for a file in which	71	Normally this program generates the key and asks for a file in which
53	to store the private key.	72	to store the private key.
@@ -71,7 +90,7 @@ If the passphrase is
71	lost or forgotten, you will have to generate a new key and copy the	90	lost or forgotten, you will have to generate a new key and copy the
72	corresponding public key to other machines.	91	corresponding public key to other machines.
73	.Pp	92	.Pp
74	There is also a comment field in the key file that is only for	93	For RSA, there is also a comment field in the key file that is only for
75	convenience to the user to help identify the key.	94	convenience to the user to help identify the key.
76	The comment can tell what the key is for, or whatever is useful.	95	The comment can tell what the key is for, or whatever is useful.
77	The comment is initialized to	96	The comment is initialized to
@@ -80,6 +99,9 @@ when the key is created, but can be changed using the
80	.Fl c	99	.Fl c
81	option.	100	option.
82	.Pp	101	.Pp
		102	After a key is generated, instructions below detail where the keys
		103	should be placed to be activated.
		104	.Pp
83	The options are as follows:	105	The options are as follows:
84	.Bl -tag -width Ds	106	.Bl -tag -width Ds
85	.It Fl b Ar bits	107	.It Fl b Ar bits
@@ -118,6 +140,15 @@ Provides the (old) passphrase.
118	If RSA support is functional, immediately exits with code 0. If RSA	140	If RSA support is functional, immediately exits with code 0. If RSA
119	support is not functional, exits with code 1. This flag will be	141	support is not functional, exits with code 1. This flag will be
120	removed once the RSA patent expires.	142	removed once the RSA patent expires.
		143	.It Fl x
		144	This option will read a private
		145	OpenSSH DSA format file and prints to stdout a SSH2-compatible public key.
		146	.It Fl X
		147	This option will read a
		148	SSH2-compatible public key file and print to stdout an OpenSSH DSA compatible public key.
		149	.It Fl y
		150	This option will read a private
		151	OpenSSH DSA format file and prints to stdout an OpenSSH DSA public key.
121	.El	152	.El
122	.Sh FILES	153	.Sh FILES
123	.Bl -tag -width Ds	154	.Bl -tag -width Ds
@@ -130,6 +161,8 @@ used to encrypt the private part of this file using 3DES.
130	This file is not automatically accessed by	161	This file is not automatically accessed by
131	.Nm	162	.Nm
132	but it is offered as the default file for the private key.	163	but it is offered as the default file for the private key.
		164	.Xr sshd 8
		165	will read this file when a login attempt is made.
133	.It Pa $HOME/.ssh/identity.pub	166	.It Pa $HOME/.ssh/identity.pub
134	Contains the public key for authentication.	167	Contains the public key for authentication.
135	The contents of this file should be added to	168	The contents of this file should be added to
@@ -137,6 +170,24 @@ The contents of this file should be added to
137	on all machines	170	on all machines
138	where you wish to log in using RSA authentication.	171	where you wish to log in using RSA authentication.
139	There is no need to keep the contents of this file secret.	172	There is no need to keep the contents of this file secret.
		173	.It Pa $HOME/.ssh/id_dsa
		174	Contains the DSA authentication identity of the user.
		175	This file should not be readable by anyone but the user.
		176	It is possible to
		177	specify a passphrase when generating the key; that passphrase will be
		178	used to encrypt the private part of this file using 3DES.
		179	This file is not automatically accessed by
		180	.Nm
		181	but it is offered as the default file for the private key.
		182	.Xr sshd 8
		183	will read this file when a login attempt is made.
		184	.It Pa $HOME/.ssh/id_dsa.pub
		185	Contains the public key for authentication.
		186	The contents of this file should be added to
		187	.Pa $HOME/.ssh/authorized_keys2
		188	on all machines
		189	where you wish to log in using DSA authentication.
		190	There is no need to keep the contents of this file secret.
140	.Sh AUTHOR	191	.Sh AUTHOR
141	Tatu Ylonen <ylo@cs.hut.fi>	192	Tatu Ylonen <ylo@cs.hut.fi>
142	.Pp	193	.Pp