blob: c0f24dcd0bee71f58ed2a8f05d310a646de8c12d [file] [log] [blame]
Darren Tucker6e370372004-08-13 21:23:25 +10001.\" $OpenBSD: ssh-keygen.1,v 1.63 2004/08/13 00:01:43 jmc Exp $
Ben Lindstrom36579d32001-01-29 07:39:26 +00002.\"
Damien Miller32aa1441999-10-29 09:15:49 +10003.\" -*- nroff -*-
4.\"
Damien Miller32aa1441999-10-29 09:15:49 +10005.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller32aa1441999-10-29 09:15:49 +10006.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7.\" All rights reserved
8.\"
Damien Millere4340be2000-09-16 13:29:08 +11009.\" As far as I am concerned, the code I have written for this software
10.\" can be used freely for any purpose. Any derived versions of this
11.\" software must be clearly marked as such, and if the derived work is
12.\" incompatible with the protocol description in the RFC file, it must be
13.\" called by a name other than "ssh" or "Secure Shell".
Damien Miller32aa1441999-10-29 09:15:49 +100014.\"
Damien Millere4340be2000-09-16 13:29:08 +110015.\"
Ben Lindstrom92a2e382001-03-05 06:59:27 +000016.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
17.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
18.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110019.\"
20.\" Redistribution and use in source and binary forms, with or without
21.\" modification, are permitted provided that the following conditions
22.\" are met:
23.\" 1. Redistributions of source code must retain the above copyright
24.\" notice, this list of conditions and the following disclaimer.
25.\" 2. Redistributions in binary form must reproduce the above copyright
26.\" notice, this list of conditions and the following disclaimer in the
27.\" documentation and/or other materials provided with the distribution.
28.\"
29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller32aa1441999-10-29 09:15:49 +100039.\"
40.Dd September 25, 1999
41.Dt SSH-KEYGEN 1
42.Os
43.Sh NAME
44.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000045.Nd authentication key generation, management and conversion
Damien Miller32aa1441999-10-29 09:15:49 +100046.Sh SYNOPSIS
47.Nm ssh-keygen
Damien Miller495dca32003-04-01 21:42:14 +100048.Bk -words
Damien Miller0bc1bd82000-11-13 22:57:25 +110049.Op Fl q
Damien Miller32aa1441999-10-29 09:15:49 +100050.Op Fl b Ar bits
Damien Miller55fafa02002-02-19 15:22:07 +110051.Fl t Ar type
Damien Miller32aa1441999-10-29 09:15:49 +100052.Op Fl N Ar new_passphrase
53.Op Fl C Ar comment
Damien Miller1a425f32000-09-02 10:08:09 +110054.Op Fl f Ar output_keyfile
Damien Miller495dca32003-04-01 21:42:14 +100055.Ek
Damien Miller32aa1441999-10-29 09:15:49 +100056.Nm ssh-keygen
57.Fl p
58.Op Fl P Ar old_passphrase
59.Op Fl N Ar new_passphrase
Damien Miller10f6f6b1999-11-17 17:29:08 +110060.Op Fl f Ar keyfile
Damien Miller32aa1441999-10-29 09:15:49 +100061.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000062.Fl i
Damien Miller1a425f32000-09-02 10:08:09 +110063.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100064.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000065.Fl e
Damien Miller1a425f32000-09-02 10:08:09 +110066.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100067.Nm ssh-keygen
68.Fl y
Damien Miller1a425f32000-09-02 10:08:09 +110069.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100070.Nm ssh-keygen
Damien Miller32aa1441999-10-29 09:15:49 +100071.Fl c
72.Op Fl P Ar passphrase
73.Op Fl C Ar comment
Damien Miller10f6f6b1999-11-17 17:29:08 +110074.Op Fl f Ar keyfile
75.Nm ssh-keygen
76.Fl l
Ben Lindstrom8fd372b2001-03-12 03:02:17 +000077.Op Fl f Ar input_keyfile
78.Nm ssh-keygen
79.Fl B
Damien Miller1a425f32000-09-02 10:08:09 +110080.Op Fl f Ar input_keyfile
Ben Lindstroma1ec4a92001-08-06 21:51:34 +000081.Nm ssh-keygen
82.Fl D Ar reader
83.Nm ssh-keygen
84.Fl U Ar reader
85.Op Fl f Ar input_keyfile
Damien Miller37876e92003-05-15 10:19:46 +100086.Nm ssh-keygen
87.Fl r Ar hostname
88.Op Fl f Ar input_keyfile
89.Op Fl g
Darren Tucker019cefe2003-08-02 22:40:07 +100090.Nm ssh-keygen
91.Fl G Ar output_file
Darren Tucker06930c72003-12-31 11:34:51 +110092.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +100093.Op Fl b Ar bits
94.Op Fl M Ar memory
95.Op Fl S Ar start_point
96.Nm ssh-keygen
97.Fl T Ar output_file
98.Fl f Ar input_file
Darren Tucker06930c72003-12-31 11:34:51 +110099.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +1000100.Op Fl a Ar num_trials
101.Op Fl W Ar generator
Damien Miller22c77262000-04-13 12:26:34 +1000102.Sh DESCRIPTION
Damien Miller32aa1441999-10-29 09:15:49 +1000103.Nm
Ben Lindstrom5a707822001-04-22 17:15:46 +0000104generates, manages and converts authentication keys for
Damien Miller32aa1441999-10-29 09:15:49 +1000105.Xr ssh 1 .
Damien Millere247cc42000-05-07 12:03:14 +1000106.Nm
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000107can create RSA keys for use by SSH protocol version 1 and RSA or DSA
Damien Millerfbf486b2003-05-23 18:44:23 +1000108keys for use by SSH protocol version 2.
109The type of key to be generated is specified with the
Damien Miller0bc1bd82000-11-13 22:57:25 +1100110.Fl t
Damien Millera41c8b12002-01-22 23:05:08 +1100111option.
Damien Millere247cc42000-05-07 12:03:14 +1000112.Pp
Darren Tucker019cefe2003-08-02 22:40:07 +1000113.Nm
114is also used to generate groups for use in Diffie-Hellman group
115exchange (DH-GEX).
116See the
117.Sx MODULI GENERATION
118section for details.
119.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000120Normally each user wishing to use SSH
Damien Millere247cc42000-05-07 12:03:14 +1000121with RSA or DSA authentication runs this once to create the authentication
Damien Miller32aa1441999-10-29 09:15:49 +1000122key in
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000123.Pa $HOME/.ssh/identity ,
124.Pa $HOME/.ssh/id_dsa
Damien Millere247cc42000-05-07 12:03:14 +1000125or
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000126.Pa $HOME/.ssh/id_rsa .
Damien Millere247cc42000-05-07 12:03:14 +1000127Additionally, the system administrator may use this to generate host keys,
128as seen in
129.Pa /etc/rc .
Damien Miller32aa1441999-10-29 09:15:49 +1000130.Pp
131Normally this program generates the key and asks for a file in which
Damien Miller450a7a12000-03-26 13:04:51 +1000132to store the private key.
133The public key is stored in a file with the same name but
Damien Miller32aa1441999-10-29 09:15:49 +1000134.Dq .pub
Damien Miller450a7a12000-03-26 13:04:51 +1000135appended.
136The program also asks for a passphrase.
137The passphrase may be empty to indicate no passphrase
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000138(host keys must have an empty passphrase), or it may be a string of
Damien Miller450a7a12000-03-26 13:04:51 +1000139arbitrary length.
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000140A passphrase is similar to a password, except it can be a phrase with a
141series of words, punctuation, numbers, whitespace, or any string of
142characters you want.
143Good passphrases are 10-30 characters long, are
Damien Miller32aa1441999-10-29 09:15:49 +1000144not simple sentences or otherwise easily guessable (English
Ben Lindstrom2a097a42001-06-09 01:13:40 +0000145prose has only 1-2 bits of entropy per character, and provides very bad
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000146passphrases), and contain a mix of upper and lowercase letters,
147numbers, and non-alphanumeric characters.
Damien Miller450a7a12000-03-26 13:04:51 +1000148The passphrase can be changed later by using the
Damien Miller32aa1441999-10-29 09:15:49 +1000149.Fl p
150option.
151.Pp
Damien Miller450a7a12000-03-26 13:04:51 +1000152There is no way to recover a lost passphrase.
153If the passphrase is
Ben Lindstrom594e2032001-09-12 18:35:30 +0000154lost or forgotten, a new key must be generated and copied to the
Damien Miller32aa1441999-10-29 09:15:49 +1000155corresponding public key to other machines.
156.Pp
Ben Lindstrom5a707822001-04-22 17:15:46 +0000157For RSA1 keys,
158there is also a comment field in the key file that is only for
Damien Miller450a7a12000-03-26 13:04:51 +1000159convenience to the user to help identify the key.
160The comment can tell what the key is for, or whatever is useful.
161The comment is initialized to
Damien Miller32aa1441999-10-29 09:15:49 +1000162.Dq user@host
163when the key is created, but can be changed using the
164.Fl c
165option.
166.Pp
Damien Millere247cc42000-05-07 12:03:14 +1000167After a key is generated, instructions below detail where the keys
168should be placed to be activated.
169.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000170The options are as follows:
171.Bl -tag -width Ds
Darren Tucker019cefe2003-08-02 22:40:07 +1000172.It Fl a Ar trials
173Specifies the number of primality tests to perform when screening DH-GEX
174candidates using the
175.Fl T
176command.
Damien Miller32aa1441999-10-29 09:15:49 +1000177.It Fl b Ar bits
Damien Miller450a7a12000-03-26 13:04:51 +1000178Specifies the number of bits in the key to create.
179Minimum is 512 bits.
Ben Lindstrom9394d2f2002-12-23 02:11:54 +0000180Generally, 1024 bits is considered sufficient.
Damien Miller450a7a12000-03-26 13:04:51 +1000181The default is 1024 bits.
Damien Miller32aa1441999-10-29 09:15:49 +1000182.It Fl c
183Requests changing the comment in the private and public key files.
Damien Millereb5fec62001-11-12 10:52:44 +1100184This operation is only supported for RSA1 keys.
Damien Miller32aa1441999-10-29 09:15:49 +1000185The program will prompt for the file containing the private keys, for
Ben Lindstromaafff9c2001-05-06 03:01:02 +0000186the passphrase if the key has one, and for the new comment.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000187.It Fl e
Ben Lindstrom46c264f2001-04-24 16:56:58 +0000188This option will read a private or public OpenSSH key file and
189print the key in a
Ben Lindstrom5a707822001-04-22 17:15:46 +0000190.Sq SECSH Public Key File Format
191to stdout.
192This option allows exporting keys for use by several commercial
193SSH implementations.
Damien Miller37876e92003-05-15 10:19:46 +1000194.It Fl g
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000195Use generic DNS format when printing fingerprint resource records using the
Darren Tucker6e370372004-08-13 21:23:25 +1000196.Fl r
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000197command.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000198.It Fl f Ar filename
Damien Miller10f6f6b1999-11-17 17:29:08 +1100199Specifies the filename of the key file.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000200.It Fl i
201This option will read an unencrypted private (or public) key file
202in SSH2-compatible format and print an OpenSSH compatible private
203(or public) key to stdout.
204.Nm
Ben Lindstrom2857d9c2001-04-22 17:19:46 +0000205also reads the
Ben Lindstrom5a707822001-04-22 17:15:46 +0000206.Sq SECSH Public Key File Format .
207This option allows importing keys from several commercial
208SSH implementations.
Damien Miller10f6f6b1999-11-17 17:29:08 +1100209.It Fl l
Damien Millereb5fec62001-11-12 10:52:44 +1100210Show fingerprint of specified public key file.
211Private RSA1 keys are also supported.
212For RSA and DSA keys
213.Nm
214tries to find the matching public key file and prints its fingerprint.
Damien Miller32aa1441999-10-29 09:15:49 +1000215.It Fl p
216Requests changing the passphrase of a private key file instead of
Damien Miller450a7a12000-03-26 13:04:51 +1000217creating a new private key.
218The program will prompt for the file
Damien Miller32aa1441999-10-29 09:15:49 +1000219containing the private key, for the old passphrase, and twice for the
220new passphrase.
221.It Fl q
222Silence
223.Nm ssh-keygen .
224Used by
225.Pa /etc/rc
226when creating a new key.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000227.It Fl y
228This option will read a private
229OpenSSH format file and print an OpenSSH public key to stdout.
Damien Miller0bc1bd82000-11-13 22:57:25 +1100230.It Fl t Ar type
231Specifies the type of the key to create.
232The possible values are
233.Dq rsa1
234for protocol version 1 and
235.Dq rsa
236or
237.Dq dsa
238for protocol version 2.
Ben Lindstrom8fd372b2001-03-12 03:02:17 +0000239.It Fl B
240Show the bubblebabble digest of specified private or public key file.
Damien Miller32aa1441999-10-29 09:15:49 +1000241.It Fl C Ar comment
242Provides the new comment.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000243.It Fl D Ar reader
244Download the RSA public key stored in the smartcard in
245.Ar reader .
Darren Tucker019cefe2003-08-02 22:40:07 +1000246.It Fl G Ar output_file
247Generate candidate primes for DH-GEX.
248These primes must be screened for
249safety (using the
250.Fl T
251option) before use.
252.It Fl M Ar memory
253Specify the amount of memory to use (in megabytes) when generating
254candidate moduli for DH-GEX.
Damien Miller32aa1441999-10-29 09:15:49 +1000255.It Fl N Ar new_passphrase
256Provides the new passphrase.
257.It Fl P Ar passphrase
258Provides the (old) passphrase.
Darren Tucker019cefe2003-08-02 22:40:07 +1000259.It Fl S Ar start
260Specify start point (in hex) when generating candidate moduli for DH-GEX.
261.It Fl T Ar output_file
262Test DH group exchange candidate primes (generated using the
263.Fl G
264option) for safety.
265.It Fl W Ar generator
266Specify desired generator when testing candidate moduli for DH-GEX.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000267.It Fl U Ar reader
268Upload an existing RSA private key into the smartcard in
269.Ar reader .
Darren Tucker06930c72003-12-31 11:34:51 +1100270.It Fl v
271Verbose mode.
272Causes
273.Nm
274to print debugging messages about its progress.
275This is helpful for debugging moduli generation.
276Multiple
277.Fl v
278options increase the verbosity.
279The maximum is 3.
Damien Miller37876e92003-05-15 10:19:46 +1000280.It Fl r Ar hostname
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000281Print the SSHFP fingerprint resource record named
282.Ar hostname
283for the specified public key file.
Damien Miller32aa1441999-10-29 09:15:49 +1000284.El
Darren Tucker019cefe2003-08-02 22:40:07 +1000285.Sh MODULI GENERATION
286.Nm
287may be used to generate groups for the Diffie-Hellman Group Exchange
288(DH-GEX) protocol.
289Generating these groups is a two-step process: first, candidate
290primes are generated using a fast, but memory intensive process.
291These candidate primes are then tested for suitability (a CPU-intensive
292process).
293.Pp
294Generation of primes is performed using the
295.Fl G
296option.
297The desired length of the primes may be specified by the
298.Fl b
299option.
300For example:
301.Pp
302.Dl ssh-keygen -G moduli-2048.candidates -b 2048
303.Pp
304By default, the search for primes begins at a random point in the
305desired length range.
306This may be overridden using the
307.Fl S
308option, which specifies a different start point (in hex).
309.Pp
310Once a set of candidates have been generated, they must be tested for
311suitability.
312This may be performed using the
313.Fl T
314option.
315In this mode
316.Nm
317will read candidates from standard input (or a file specified using the
318.Fl f
319option).
320For example:
321.Pp
322.Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates
323.Pp
324By default, each candidate will be subjected to 100 primality tests.
325This may be overridden using the
326.Fl a
327option.
328The DH generator value will be chosen automatically for the
329prime under consideration.
330If a specific generator is desired, it may be requested using the
331.Fl W
332option.
333Valid generator values are 2, 3 and 5.
334.Pp
335Screened DH groups may be installed in
336.Pa /etc/moduli .
337It is important that this file contains moduli of a range of bit lengths and
338that both ends of a connection share common moduli.
Damien Miller32aa1441999-10-29 09:15:49 +1000339.Sh FILES
340.Bl -tag -width Ds
Damien Miller32aa1441999-10-29 09:15:49 +1000341.It Pa $HOME/.ssh/identity
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000342Contains the protocol version 1 RSA authentication identity of the user.
Damien Miller450a7a12000-03-26 13:04:51 +1000343This file should not be readable by anyone but the user.
344It is possible to
Damien Miller32aa1441999-10-29 09:15:49 +1000345specify a passphrase when generating the key; that passphrase will be
Damien Miller450a7a12000-03-26 13:04:51 +1000346used to encrypt the private part of this file using 3DES.
347This file is not automatically accessed by
Damien Miller32aa1441999-10-29 09:15:49 +1000348.Nm
349but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000350.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000351will read this file when a login attempt is made.
Damien Miller32aa1441999-10-29 09:15:49 +1000352.It Pa $HOME/.ssh/identity.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000353Contains the protocol version 1 RSA public key for authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000354The contents of this file should be added to
Damien Miller32aa1441999-10-29 09:15:49 +1000355.Pa $HOME/.ssh/authorized_keys
356on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000357where the user wishes to log in using RSA authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000358There is no need to keep the contents of this file secret.
Damien Millere247cc42000-05-07 12:03:14 +1000359.It Pa $HOME/.ssh/id_dsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000360Contains the protocol version 2 DSA authentication identity of the user.
Damien Millere247cc42000-05-07 12:03:14 +1000361This file should not be readable by anyone but the user.
362It is possible to
363specify a passphrase when generating the key; that passphrase will be
364used to encrypt the private part of this file using 3DES.
365This file is not automatically accessed by
366.Nm
367but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000368.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000369will read this file when a login attempt is made.
370.It Pa $HOME/.ssh/id_dsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000371Contains the protocol version 2 DSA public key for authentication.
372The contents of this file should be added to
Ben Lindstromf96704d2001-06-25 04:17:12 +0000373.Pa $HOME/.ssh/authorized_keys
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000374on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000375where the user wishes to log in using public key authentication.
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000376There is no need to keep the contents of this file secret.
377.It Pa $HOME/.ssh/id_rsa
378Contains the protocol version 2 RSA authentication identity of the user.
379This file should not be readable by anyone but the user.
380It is possible to
381specify a passphrase when generating the key; that passphrase will be
382used to encrypt the private part of this file using 3DES.
383This file is not automatically accessed by
384.Nm
385but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000386.Xr ssh 1
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000387will read this file when a login attempt is made.
388.It Pa $HOME/.ssh/id_rsa.pub
389Contains the protocol version 2 RSA public key for authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000390The contents of this file should be added to
Ben Lindstromf96704d2001-06-25 04:17:12 +0000391.Pa $HOME/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +1000392on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000393where the user wishes to log in using public key authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000394There is no need to keep the contents of this file secret.
Darren Tucker019cefe2003-08-02 22:40:07 +1000395.It Pa /etc/moduli
396Contains Diffie-Hellman groups used for DH-GEX.
397The file format is described in
398.Xr moduli 5 .
Damien Miller37023962000-07-11 17:31:38 +1000399.El
Damien Miller32aa1441999-10-29 09:15:49 +1000400.Sh SEE ALSO
401.Xr ssh 1 ,
402.Xr ssh-add 1 ,
Damien Miller2e8b1c81999-11-15 23:33:56 +1100403.Xr ssh-agent 1 ,
Darren Tucker019cefe2003-08-02 22:40:07 +1000404.Xr moduli 5 ,
Ben Lindstrom77788dc2001-02-10 23:10:33 +0000405.Xr sshd 8
Ben Lindstrom5a707822001-04-22 17:15:46 +0000406.Rs
Ben Lindstrom90fd0602001-06-25 04:45:33 +0000407.%A J. Galbraith
408.%A R. Thayer
Ben Lindstrom5a707822001-04-22 17:15:46 +0000409.%T "SECSH Public Key File Format"
410.%N draft-ietf-secsh-publickeyfile-01.txt
411.%D March 2001
412.%O work in progress material
413.Re
Damien Millerf1ce5052003-06-11 22:04:39 +1000414.Sh AUTHORS
415OpenSSH is a derivative of the original and free
416ssh 1.2.12 release by Tatu Ylonen.
417Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
418Theo de Raadt and Dug Song
419removed many bugs, re-added newer features and
420created OpenSSH.
421Markus Friedl contributed the support for SSH
422protocol versions 1.5 and 2.0.