- (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org 2000/11/06 16:04:56
[channels.c channels.h clientloop.c nchan.c serverloop.c]
[session.c ssh.c]
agent forwarding and -R for ssh2, based on work from
jhuuskon@messi.uku.fi
- markus@cvs.openbsd.org 2000/11/06 16:13:27
[ssh.c sshconnect.c sshd.c]
do not disabled rhosts(rsa) if server port > 1024; from
pekkas@netcore.fi
- markus@cvs.openbsd.org 2000/11/06 16:16:35
[sshconnect.c]
downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
- markus@cvs.openbsd.org 2000/11/09 18:04:40
[auth1.c]
typo; from mouring@pconline.com
- markus@cvs.openbsd.org 2000/11/12 12:03:28
[ssh-agent.c]
off-by-one when removing a key from the agent
- markus@cvs.openbsd.org 2000/11/12 12:50:39
[auth-rh-rsa.c auth2.c authfd.c authfd.h]
[authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
[readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
[sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
[ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
add support for RSA to SSH2. please test.
there are now 3 types of keys: RSA1 is used by ssh-1 only,
RSA and DSA are used by SSH2.
you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
keys for SSH2 and use the RSA keys for hostkeys or for user keys.
SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
- (djm) Fix up Makefile and Redhat init script to create RSA host keys
- (djm) Change to interim version
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index b91a098..b1430f1 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -43,8 +43,9 @@
.Nd authentication key generation
.Sh SYNOPSIS
.Nm ssh-keygen
-.Op Fl dq
+.Op Fl q
.Op Fl b Ar bits
+.Op Fl t Ar type
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
@@ -79,8 +80,8 @@
.Nm
defaults to generating an RSA key for use by protocols 1.3 and 1.5;
specifying the
-.Fl d
-flag will create a DSA key instead for use by protocol 2.0.
+.Fl t
+allows you to create a key for use by protocol 2.0.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
@@ -154,6 +155,17 @@
Used by
.Pa /etc/rc
when creating a new key.
+.It Fl t Ar type
+Specifies the type of the key to create.
+The possible values are
+.Dq rsa1
+for protocol version 1 and
+.Dq rsa
+or
+.Dq dsa
+for protocol version 2.
+The default is
+.Dq rsa .
.It Fl C Ar comment
Provides the new comment.
.It Fl N Ar new_passphrase
@@ -173,7 +185,7 @@
print an OpenSSH compatible private (or public) key to stdout.
.It Fl y
This option will read a private
-OpenSSH DSA format file and print an OpenSSH DSA public key to stdout.
+OpenSSH format file and print an OpenSSH public key to stdout.
.El
.Sh FILES
.Bl -tag -width Ds
@@ -211,10 +223,10 @@
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys2
on all machines
-where you wish to log in using DSA authentication.
+where you wish to log in using public key authentication.
There is no need to keep the contents of this file secret.
.El
-.Sh AUTHOR
+.Sh AUTHORS
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH