1 files changed, 4 insertions, 2 deletions
diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1
index 41de104de..73570fcad 100644
--- a/ssh-vulnkey.1
+++ b/ssh-vulnkey.1
@@ -166,13 +166,15 @@ If present, contains the protocol version 1 RSA identity of the system.
 .It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
 If present, lists the blacklisted keys of type
 .Ar TYPE
-.Pf ( Dq RSA1 ,
+.Pf ( Dq RSA
-.Dq RSA ,
 or
 .Dq DSA )
 and bit length
 .Ar LENGTH .
 The format of this file is described above.
+RSA1 keys are converted to RSA before being checked in the blacklist.
+Note that the fingerprints of RSA1 keys are computed differently, so you
+will not be able to find them in the blacklist by hand.
 .El
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,

diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1 index 41de104de..73570fcad 100644 --- a/ssh-vulnkey.1 +++ b/ssh-vulnkey.1
@@ -166,13 +166,15 @@ If present, contains the protocol version 1 RSA identity of the system.
166	.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH	166	.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
167	If present, lists the blacklisted keys of type	167	If present, lists the blacklisted keys of type
168	.Ar TYPE	168	.Ar TYPE
169	.Pf ( Dq RSA1 ,	169	.Pf ( Dq RSA
170	.Dq RSA ,
171	or	170	or
172	.Dq DSA )	171	.Dq DSA )
173	and bit length	172	and bit length
174	.Ar LENGTH .	173	.Ar LENGTH .
175	The format of this file is described above.	174	The format of this file is described above.
		175	RSA1 keys are converted to RSA before being checked in the blacklist.
		176	Note that the fingerprints of RSA1 keys are computed differently, so you
		177	will not be able to find them in the blacklist by hand.
176	.El	178	.El
177	.Sh SEE ALSO	179	.Sh SEE ALSO
178	.Xr ssh-keygen 1 ,	180	.Xr ssh-keygen 1 ,