diff options
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index ce2213c78..cfbd4cfa5 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.133 2016/06/16 06:10:45 jmc Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.134 2017/04/29 04:12:25 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: June 16 2016 $ | 38 | .Dd $Mdocdate: April 29 2017 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -474,9 +474,29 @@ The | |||
474 | .Ar address_list | 474 | .Ar address_list |
475 | is a comma-separated list of one or more address/netmask pairs in CIDR | 475 | is a comma-separated list of one or more address/netmask pairs in CIDR |
476 | format. | 476 | format. |
477 | .It Ic extension Ns : Ns Ar name Ns Op Ns = Ns Ar contents | ||
478 | Includes an arbitrary certificate extension. | ||
479 | .It Ic critical Ns : Ns Ar name Ns Op Ns = Ns Ar contents | ||
480 | Includes an arbitrary certificate critical option. | ||
477 | .El | 481 | .El |
478 | .Pp | 482 | .Pp |
479 | At present, no options are valid for host keys. | 483 | At present, no standard options are valid for host keys. |
484 | .Pp | ||
485 | For non-standard certificate extension or options included using | ||
486 | .Ic extension | ||
487 | or | ||
488 | .Ic option , | ||
489 | the specified | ||
490 | .Ar name | ||
491 | should include a domain suffix, e.g. | ||
492 | .Dq name@example.com . | ||
493 | If a | ||
494 | .Ar contents | ||
495 | is specified then it is included as the contents of the extension/option | ||
496 | encoded as a string, otherwise the extension/option is created with no | ||
497 | contents (usually indicating a flag). | ||
498 | Extensions may be ignored by a client or server that does not recognise them, | ||
499 | whereas unknown critical options will cause the certificate to be refused. | ||
480 | .It Fl o | 500 | .It Fl o |
481 | Causes | 501 | Causes |
482 | .Nm | 502 | .Nm |