1 files changed, 34 insertions, 7 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 45866f931..836174fb6 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.203 2020/04/03 02:26:56 djm Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.209 2020/09/09 03:08:01 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: April 3 2020 $
+.Dd $Mdocdate: September 9 2020 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -44,16 +44,18 @@
 .Sh SYNOPSIS
 .Nm ssh-keygen
 .Op Fl q
+.Op Fl a Ar rounds
 .Op Fl b Ar bits
 .Op Fl C Ar comment
 .Op Fl f Ar output_keyfile
 .Op Fl m Ar format
-.Op Fl t Cm dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
 .Op Fl N Ar new_passphrase
 .Op Fl O Ar option
+.Op Fl t Cm dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
 .Op Fl w Ar provider
 .Nm ssh-keygen
 .Fl p
+.Op Fl a Ar rounds
 .Op Fl f Ar keyfile
 .Op Fl m Ar format
 .Op Fl N Ar new_passphrase
@@ -71,6 +73,7 @@
 .Op Fl f Ar input_keyfile
 .Nm ssh-keygen
 .Fl c
+.Op Fl a Ar rounds
 .Op Fl C Ar comment
 .Op Fl f Ar keyfile
 .Op Fl P Ar passphrase
@@ -93,6 +96,7 @@
 .Op Fl f Ar known_hosts_file
 .Nm ssh-keygen
 .Fl K
+.Op Fl a Ar rounds
 .Op Fl w Ar provider
 .Nm ssh-keygen
 .Fl R Ar hostname
@@ -125,6 +129,7 @@
 .Op Fl f Ar input_keyfile
 .Nm ssh-keygen
 .Fl A
+.Op Fl a Ar rounds
 .Op Fl f Ar prefix_path
 .Nm ssh-keygen
 .Fl k
@@ -246,7 +251,9 @@ keys may be converted using this option in conjunction with the
 .Fl p
 (change passphrase) flag.
 .Pp
-After a key is generated, instructions below detail where the keys
+After a key is generated,
+.Nm
+will ask where the keys
 should be placed to be activated.
 .Pp
 The options are as follows:
@@ -266,6 +273,7 @@ When saving a private key, this option specifies the number of KDF
 (key derivation function) rounds used.
 Higher numbers result in slower passphrase verification and increased
 resistance to brute-force password cracking (should the keys be stolen).
+The default is 16 rounds.
 .It Fl B
 Show the bubblebabble digest of specified private or public key file.
 .It Fl b Ar bits
@@ -370,6 +378,8 @@ The default import format is
 Download resident keys from a FIDO authenticator.
 Public and private key files will be written to the current directory for
 each downloaded key.
+If multiple FIDO authenticators are attached, keys will be downloaded from
+the first touched authenticator.
 .It Fl k
 Generate a KRL file.
 In this mode,
@@ -499,10 +509,17 @@ A username to be associated with a resident key,
 overriding the empty default username.
 Specifying a username may be useful when generating multiple resident keys
 for the same application name.
+.It Cm verify-required
+Indicate that this private key should require user verification for
+each signature.
+Not all FIDO tokens support this option.
+Currently PIN authentication is the only supported verification method,
+but other methods may be supported in the future.
 .It Cm write-attestation Ns = Ns Ar path
-May be used at key generation time to record the attestation certificate
+May be used at key generation time to record the attestation data
 returned from FIDO tokens during key generation.
-By default this information is discarded.
+Please note that this information is potentially sensitive.
+By default, this information is discarded.
 .El
 .Pp
 The
@@ -949,7 +966,7 @@ by
 Allows X11 forwarding.
 .Pp
 .It Ic no-touch-required
-Do not require signatures made using this key require demonstration
+Do not require signatures made using this key include demonstration
 of user presence (e.g. by having the user touch the authenticator).
 This option only makes sense for the FIDO authenticator algorithms
 .Cm ecdsa-sk
@@ -962,6 +979,16 @@ The
 .Ar address_list
 is a comma-separated list of one or more address/netmask pairs in CIDR
 format.
+.Pp
+.It Ic verify-required
+Require signatures made using this key indicate that the user was first
+verified.
+This option only makes sense for the FIDO authenticator algorithms
+.Cm ecdsa-sk
+and
+.Cm ed25519-sk .
+Currently PIN authentication is the only supported verification method,
+but other methods may be supported in the future.
 .El
 .Pp
 At present, no standard options are valid for host keys.

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 45866f931..836174fb6 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.203 2020/04/03 02:26:56 djm Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.209 2020/09/09 03:08:01 djm Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37	.\"	37	.\"
38	.Dd $Mdocdate: April 3 2020 $	38	.Dd $Mdocdate: September 9 2020 $
39	.Dt SSH-KEYGEN 1	39	.Dt SSH-KEYGEN 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -44,16 +44,18 @@
44	.Sh SYNOPSIS	44	.Sh SYNOPSIS
45	.Nm ssh-keygen	45	.Nm ssh-keygen
46	.Op Fl q	46	.Op Fl q
		47	.Op Fl a Ar rounds
47	.Op Fl b Ar bits	48	.Op Fl b Ar bits
48	.Op Fl C Ar comment	49	.Op Fl C Ar comment
49	.Op Fl f Ar output_keyfile	50	.Op Fl f Ar output_keyfile
50	.Op Fl m Ar format	51	.Op Fl m Ar format
51	.Op Fl t Cm dsa \| ecdsa \| ecdsa-sk \| ed25519 \| ed25519-sk \| rsa
52	.Op Fl N Ar new_passphrase	52	.Op Fl N Ar new_passphrase
53	.Op Fl O Ar option	53	.Op Fl O Ar option
		54	.Op Fl t Cm dsa \| ecdsa \| ecdsa-sk \| ed25519 \| ed25519-sk \| rsa
54	.Op Fl w Ar provider	55	.Op Fl w Ar provider
55	.Nm ssh-keygen	56	.Nm ssh-keygen
56	.Fl p	57	.Fl p
		58	.Op Fl a Ar rounds
57	.Op Fl f Ar keyfile	59	.Op Fl f Ar keyfile
58	.Op Fl m Ar format	60	.Op Fl m Ar format
59	.Op Fl N Ar new_passphrase	61	.Op Fl N Ar new_passphrase
@@ -71,6 +73,7 @@
71	.Op Fl f Ar input_keyfile	73	.Op Fl f Ar input_keyfile
72	.Nm ssh-keygen	74	.Nm ssh-keygen
73	.Fl c	75	.Fl c
		76	.Op Fl a Ar rounds
74	.Op Fl C Ar comment	77	.Op Fl C Ar comment
75	.Op Fl f Ar keyfile	78	.Op Fl f Ar keyfile
76	.Op Fl P Ar passphrase	79	.Op Fl P Ar passphrase
@@ -93,6 +96,7 @@
93	.Op Fl f Ar known_hosts_file	96	.Op Fl f Ar known_hosts_file
94	.Nm ssh-keygen	97	.Nm ssh-keygen
95	.Fl K	98	.Fl K
		99	.Op Fl a Ar rounds
96	.Op Fl w Ar provider	100	.Op Fl w Ar provider
97	.Nm ssh-keygen	101	.Nm ssh-keygen
98	.Fl R Ar hostname	102	.Fl R Ar hostname
@@ -125,6 +129,7 @@
125	.Op Fl f Ar input_keyfile	129	.Op Fl f Ar input_keyfile
126	.Nm ssh-keygen	130	.Nm ssh-keygen
127	.Fl A	131	.Fl A
		132	.Op Fl a Ar rounds
128	.Op Fl f Ar prefix_path	133	.Op Fl f Ar prefix_path
129	.Nm ssh-keygen	134	.Nm ssh-keygen
130	.Fl k	135	.Fl k
@@ -246,7 +251,9 @@ keys may be converted using this option in conjunction with the
246	.Fl p	251	.Fl p
247	(change passphrase) flag.	252	(change passphrase) flag.
248	.Pp	253	.Pp
249	After a key is generated, instructions below detail where the keys	254	After a key is generated,
		255	.Nm
		256	will ask where the keys
250	should be placed to be activated.	257	should be placed to be activated.
251	.Pp	258	.Pp
252	The options are as follows:	259	The options are as follows:
@@ -266,6 +273,7 @@ When saving a private key, this option specifies the number of KDF
266	(key derivation function) rounds used.	273	(key derivation function) rounds used.
267	Higher numbers result in slower passphrase verification and increased	274	Higher numbers result in slower passphrase verification and increased
268	resistance to brute-force password cracking (should the keys be stolen).	275	resistance to brute-force password cracking (should the keys be stolen).
		276	The default is 16 rounds.
269	.It Fl B	277	.It Fl B
270	Show the bubblebabble digest of specified private or public key file.	278	Show the bubblebabble digest of specified private or public key file.
271	.It Fl b Ar bits	279	.It Fl b Ar bits
@@ -370,6 +378,8 @@ The default import format is
370	Download resident keys from a FIDO authenticator.	378	Download resident keys from a FIDO authenticator.
371	Public and private key files will be written to the current directory for	379	Public and private key files will be written to the current directory for
372	each downloaded key.	380	each downloaded key.
		381	If multiple FIDO authenticators are attached, keys will be downloaded from
		382	the first touched authenticator.
373	.It Fl k	383	.It Fl k
374	Generate a KRL file.	384	Generate a KRL file.
375	In this mode,	385	In this mode,
@@ -499,10 +509,17 @@ A username to be associated with a resident key,
499	overriding the empty default username.	509	overriding the empty default username.
500	Specifying a username may be useful when generating multiple resident keys	510	Specifying a username may be useful when generating multiple resident keys
501	for the same application name.	511	for the same application name.
		512	.It Cm verify-required
		513	Indicate that this private key should require user verification for
		514	each signature.
		515	Not all FIDO tokens support this option.
		516	Currently PIN authentication is the only supported verification method,
		517	but other methods may be supported in the future.
502	.It Cm write-attestation Ns = Ns Ar path	518	.It Cm write-attestation Ns = Ns Ar path
503	May be used at key generation time to record the attestation certificate	519	May be used at key generation time to record the attestation data
504	returned from FIDO tokens during key generation.	520	returned from FIDO tokens during key generation.
505	By default this information is discarded.	521	Please note that this information is potentially sensitive.
		522	By default, this information is discarded.
506	.El	523	.El
507	.Pp	524	.Pp
508	The	525	The
@@ -949,7 +966,7 @@ by
949	Allows X11 forwarding.	966	Allows X11 forwarding.
950	.Pp	967	.Pp
951	.It Ic no-touch-required	968	.It Ic no-touch-required
952	Do not require signatures made using this key require demonstration	969	Do not require signatures made using this key include demonstration
953	of user presence (e.g. by having the user touch the authenticator).	970	of user presence (e.g. by having the user touch the authenticator).
954	This option only makes sense for the FIDO authenticator algorithms	971	This option only makes sense for the FIDO authenticator algorithms
955	.Cm ecdsa-sk	972	.Cm ecdsa-sk
@@ -962,6 +979,16 @@ The
962	.Ar address_list	979	.Ar address_list
963	is a comma-separated list of one or more address/netmask pairs in CIDR	980	is a comma-separated list of one or more address/netmask pairs in CIDR
964	format.	981	format.
		982	.Pp
		983	.It Ic verify-required
		984	Require signatures made using this key indicate that the user was first
		985	verified.
		986	This option only makes sense for the FIDO authenticator algorithms
		987	.Cm ecdsa-sk
		988	and
		989	.Cm ed25519-sk .
		990	Currently PIN authentication is the only supported verification method,
		991	but other methods may be supported in the future.
965	.El	992	.El
966	.Pp	993	.Pp
967	At present, no standard options are valid for host keys.	994	At present, no standard options are valid for host keys.