- djm@cvs.openbsd.org 2010/08/31 11:54:45
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
[authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
[monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
[ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
[ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
[ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
[uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be
subject to change.
feedback and ok markus@
diff --git a/ssh.1 b/ssh.1
index 9b134f4..a3d0011 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.309 2010/08/08 19:36:30 jmc Exp $
-.Dd $Mdocdate: August 8 2010 $
+.\" $OpenBSD: ssh.1,v 1.310 2010/08/31 11:54:45 djm Exp $
+.Dd $Mdocdate: August 31 2010 $
.Dt SSH 1
.Os
.Sh NAME
@@ -269,13 +269,14 @@
private RSA key.
.It Fl i Ar identity_file
Selects a file from which the identity (private key) for
-RSA or DSA authentication is read.
+public key authentication is read.
The default is
.Pa ~/.ssh/identity
for protocol version 1, and
-.Pa ~/.ssh/id_rsa
+.Pa ~/.ssh/id_dsa ,
+.Pa ~/.ssh/id_ecdsa
and
-.Pa ~/.ssh/id_dsa
+.Pa ~/.ssh/id_rsa
for protocol version 2.
Identity files may also be specified on
a per-host basis in the configuration file.
@@ -721,9 +722,9 @@
The server knows the public key, and only the user knows the private key.
.Nm
implements public key authentication protocol automatically,
-using either the RSA or DSA algorithms.
+using one of the DSA, ECDSA or RSA algorithms.
Protocol 1 is restricted to using only RSA keys,
-but protocol 2 may use either.
+but protocol 2 may use any.
The
.Sx HISTORY
section of
@@ -748,6 +749,8 @@
(protocol 1),
.Pa ~/.ssh/id_dsa
(protocol 2 DSA),
+.Pa ~/.ssh/id_ecdsa
+(protocol 2 ECDSA),
or
.Pa ~/.ssh/id_rsa
(protocol 2 RSA)
@@ -756,6 +759,8 @@
(protocol 1),
.Pa ~/.ssh/id_dsa.pub
(protocol 2 DSA),
+.Pa ~/.ssh/id_ecdsa.pub
+(protocol 2 ECDSA),
or
.Pa ~/.ssh/id_rsa.pub
(protocol 2 RSA)
@@ -1277,7 +1282,8 @@
and not accessible by others.
.Pp
.It Pa ~/.ssh/authorized_keys
-Lists the public keys (RSA/DSA) that can be used for logging in as this user.
+Lists the public keys (DSA/ECDSA/RSA) that can be used for logging in as
+this user.
The format of this file is described in the
.Xr sshd 8
manual page.
@@ -1298,6 +1304,7 @@
.Pp
.It Pa ~/.ssh/identity
.It Pa ~/.ssh/id_dsa
+.It Pa ~/.ssh/id_ecdsa
.It Pa ~/.ssh/id_rsa
Contains the private key for authentication.
These files
@@ -1311,6 +1318,7 @@
.Pp
.It Pa ~/.ssh/identity.pub
.It Pa ~/.ssh/id_dsa.pub
+.It Pa ~/.ssh/id_ecdsa.pub
.It Pa ~/.ssh/id_rsa.pub
Contains the public key for authentication.
These files are not
@@ -1349,6 +1357,7 @@
.Pp
.It Pa /etc/ssh/ssh_host_key
.It Pa /etc/ssh/ssh_host_dsa_key
+.It Pa /etc/ssh/ssh_host_ecdsa_key
.It Pa /etc/ssh/ssh_host_rsa_key
These three files contain the private parts of the host keys
and are used for host-based authentication.