- jakob@cvs.openbsd.org 2003/05/14 18:16:20
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
add experimental support for verifying hos keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 000e8ff..613d71a 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keygen.1,v 1.56 2003/03/28 10:11:43 jmc Exp $
+.\" $OpenBSD: ssh-keygen.1,v 1.57 2003/05/14 18:16:20 jakob Exp $
.\"
.\" -*- nroff -*-
.\"
@@ -83,6 +83,10 @@
.Nm ssh-keygen
.Fl U Ar reader
.Op Fl f Ar input_keyfile
+.Nm ssh-keygen
+.Fl r Ar hostname
+.Op Fl f Ar input_keyfile
+.Op Fl g
.Sh DESCRIPTION
.Nm
generates, manages and converts authentication keys for
@@ -163,6 +167,8 @@
to stdout.
This option allows exporting keys for use by several commercial
SSH implementations.
+.It Fl g
+Use generic DNS resource record format.
.It Fl f Ar filename
Specifies the filename of the key file.
.It Fl i
@@ -218,6 +224,9 @@
.It Fl U Ar reader
Upload an existing RSA private key into the smartcard in
.Ar reader .
+.It Fl r Ar hostname
+Print DNS resource record with the specified
+.Ar hostname .
.El
.Sh FILES
.Bl -tag -width Ds