blob: 6dd6154287aa7ab4caa3ed4d7c3fdfcfd39963ac [file] [log] [blame]
Darren Tucker06930c72003-12-31 11:34:51 +11001.\" $OpenBSD: ssh-keygen.1,v 1.61 2003/12/22 09:16:58 djm Exp $
Ben Lindstrom36579d32001-01-29 07:39:26 +00002.\"
Damien Miller32aa1441999-10-29 09:15:49 +10003.\" -*- nroff -*-
4.\"
Damien Miller32aa1441999-10-29 09:15:49 +10005.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller32aa1441999-10-29 09:15:49 +10006.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7.\" All rights reserved
8.\"
Damien Millere4340be2000-09-16 13:29:08 +11009.\" As far as I am concerned, the code I have written for this software
10.\" can be used freely for any purpose. Any derived versions of this
11.\" software must be clearly marked as such, and if the derived work is
12.\" incompatible with the protocol description in the RFC file, it must be
13.\" called by a name other than "ssh" or "Secure Shell".
Damien Miller32aa1441999-10-29 09:15:49 +100014.\"
Damien Millere4340be2000-09-16 13:29:08 +110015.\"
Ben Lindstrom92a2e382001-03-05 06:59:27 +000016.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
17.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
18.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110019.\"
20.\" Redistribution and use in source and binary forms, with or without
21.\" modification, are permitted provided that the following conditions
22.\" are met:
23.\" 1. Redistributions of source code must retain the above copyright
24.\" notice, this list of conditions and the following disclaimer.
25.\" 2. Redistributions in binary form must reproduce the above copyright
26.\" notice, this list of conditions and the following disclaimer in the
27.\" documentation and/or other materials provided with the distribution.
28.\"
29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller32aa1441999-10-29 09:15:49 +100039.\"
40.Dd September 25, 1999
41.Dt SSH-KEYGEN 1
42.Os
43.Sh NAME
44.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000045.Nd authentication key generation, management and conversion
Damien Miller32aa1441999-10-29 09:15:49 +100046.Sh SYNOPSIS
47.Nm ssh-keygen
Damien Miller495dca32003-04-01 21:42:14 +100048.Bk -words
Damien Miller0bc1bd82000-11-13 22:57:25 +110049.Op Fl q
Damien Miller32aa1441999-10-29 09:15:49 +100050.Op Fl b Ar bits
Damien Miller55fafa02002-02-19 15:22:07 +110051.Fl t Ar type
Damien Miller32aa1441999-10-29 09:15:49 +100052.Op Fl N Ar new_passphrase
53.Op Fl C Ar comment
Damien Miller1a425f32000-09-02 10:08:09 +110054.Op Fl f Ar output_keyfile
Damien Miller495dca32003-04-01 21:42:14 +100055.Ek
Damien Miller32aa1441999-10-29 09:15:49 +100056.Nm ssh-keygen
57.Fl p
58.Op Fl P Ar old_passphrase
59.Op Fl N Ar new_passphrase
Damien Miller10f6f6b1999-11-17 17:29:08 +110060.Op Fl f Ar keyfile
Damien Miller32aa1441999-10-29 09:15:49 +100061.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000062.Fl i
Damien Miller1a425f32000-09-02 10:08:09 +110063.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100064.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000065.Fl e
Damien Miller1a425f32000-09-02 10:08:09 +110066.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100067.Nm ssh-keygen
68.Fl y
Damien Miller1a425f32000-09-02 10:08:09 +110069.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100070.Nm ssh-keygen
Damien Miller32aa1441999-10-29 09:15:49 +100071.Fl c
72.Op Fl P Ar passphrase
73.Op Fl C Ar comment
Damien Miller10f6f6b1999-11-17 17:29:08 +110074.Op Fl f Ar keyfile
75.Nm ssh-keygen
76.Fl l
Ben Lindstrom8fd372b2001-03-12 03:02:17 +000077.Op Fl f Ar input_keyfile
78.Nm ssh-keygen
79.Fl B
Damien Miller1a425f32000-09-02 10:08:09 +110080.Op Fl f Ar input_keyfile
Ben Lindstroma1ec4a92001-08-06 21:51:34 +000081.Nm ssh-keygen
82.Fl D Ar reader
83.Nm ssh-keygen
84.Fl U Ar reader
85.Op Fl f Ar input_keyfile
Damien Miller37876e92003-05-15 10:19:46 +100086.Nm ssh-keygen
87.Fl r Ar hostname
88.Op Fl f Ar input_keyfile
89.Op Fl g
Darren Tucker019cefe2003-08-02 22:40:07 +100090.Nm ssh-keygen
91.Fl G Ar output_file
Darren Tucker06930c72003-12-31 11:34:51 +110092.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +100093.Op Fl b Ar bits
94.Op Fl M Ar memory
95.Op Fl S Ar start_point
96.Nm ssh-keygen
97.Fl T Ar output_file
98.Fl f Ar input_file
Darren Tucker06930c72003-12-31 11:34:51 +110099.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +1000100.Op Fl a Ar num_trials
101.Op Fl W Ar generator
Damien Miller22c77262000-04-13 12:26:34 +1000102.Sh DESCRIPTION
Damien Miller32aa1441999-10-29 09:15:49 +1000103.Nm
Ben Lindstrom5a707822001-04-22 17:15:46 +0000104generates, manages and converts authentication keys for
Damien Miller32aa1441999-10-29 09:15:49 +1000105.Xr ssh 1 .
Damien Millere247cc42000-05-07 12:03:14 +1000106.Nm
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000107can create RSA keys for use by SSH protocol version 1 and RSA or DSA
Damien Millerfbf486b2003-05-23 18:44:23 +1000108keys for use by SSH protocol version 2.
109The type of key to be generated is specified with the
Damien Miller0bc1bd82000-11-13 22:57:25 +1100110.Fl t
Damien Millera41c8b12002-01-22 23:05:08 +1100111option.
Damien Millere247cc42000-05-07 12:03:14 +1000112.Pp
Darren Tucker019cefe2003-08-02 22:40:07 +1000113.Nm
114is also used to generate groups for use in Diffie-Hellman group
115exchange (DH-GEX).
116See the
117.Sx MODULI GENERATION
118section for details.
119.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000120Normally each user wishing to use SSH
Damien Millere247cc42000-05-07 12:03:14 +1000121with RSA or DSA authentication runs this once to create the authentication
Damien Miller32aa1441999-10-29 09:15:49 +1000122key in
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000123.Pa $HOME/.ssh/identity ,
124.Pa $HOME/.ssh/id_dsa
Damien Millere247cc42000-05-07 12:03:14 +1000125or
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000126.Pa $HOME/.ssh/id_rsa .
Damien Millere247cc42000-05-07 12:03:14 +1000127Additionally, the system administrator may use this to generate host keys,
128as seen in
129.Pa /etc/rc .
Damien Miller32aa1441999-10-29 09:15:49 +1000130.Pp
131Normally this program generates the key and asks for a file in which
Damien Miller450a7a12000-03-26 13:04:51 +1000132to store the private key.
133The public key is stored in a file with the same name but
Damien Miller32aa1441999-10-29 09:15:49 +1000134.Dq .pub
Damien Miller450a7a12000-03-26 13:04:51 +1000135appended.
136The program also asks for a passphrase.
137The passphrase may be empty to indicate no passphrase
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000138(host keys must have an empty passphrase), or it may be a string of
Damien Miller450a7a12000-03-26 13:04:51 +1000139arbitrary length.
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000140A passphrase is similar to a password, except it can be a phrase with a
141series of words, punctuation, numbers, whitespace, or any string of
142characters you want.
143Good passphrases are 10-30 characters long, are
Damien Miller32aa1441999-10-29 09:15:49 +1000144not simple sentences or otherwise easily guessable (English
Ben Lindstrom2a097a42001-06-09 01:13:40 +0000145prose has only 1-2 bits of entropy per character, and provides very bad
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000146passphrases), and contain a mix of upper and lowercase letters,
147numbers, and non-alphanumeric characters.
Damien Miller450a7a12000-03-26 13:04:51 +1000148The passphrase can be changed later by using the
Damien Miller32aa1441999-10-29 09:15:49 +1000149.Fl p
150option.
151.Pp
Damien Miller450a7a12000-03-26 13:04:51 +1000152There is no way to recover a lost passphrase.
153If the passphrase is
Ben Lindstrom594e2032001-09-12 18:35:30 +0000154lost or forgotten, a new key must be generated and copied to the
Damien Miller32aa1441999-10-29 09:15:49 +1000155corresponding public key to other machines.
156.Pp
Ben Lindstrom5a707822001-04-22 17:15:46 +0000157For RSA1 keys,
158there is also a comment field in the key file that is only for
Damien Miller450a7a12000-03-26 13:04:51 +1000159convenience to the user to help identify the key.
160The comment can tell what the key is for, or whatever is useful.
161The comment is initialized to
Damien Miller32aa1441999-10-29 09:15:49 +1000162.Dq user@host
163when the key is created, but can be changed using the
164.Fl c
165option.
166.Pp
Damien Millere247cc42000-05-07 12:03:14 +1000167After a key is generated, instructions below detail where the keys
168should be placed to be activated.
169.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000170The options are as follows:
171.Bl -tag -width Ds
Darren Tucker019cefe2003-08-02 22:40:07 +1000172.It Fl a Ar trials
173Specifies the number of primality tests to perform when screening DH-GEX
174candidates using the
175.Fl T
176command.
Damien Miller32aa1441999-10-29 09:15:49 +1000177.It Fl b Ar bits
Damien Miller450a7a12000-03-26 13:04:51 +1000178Specifies the number of bits in the key to create.
179Minimum is 512 bits.
Ben Lindstrom9394d2f2002-12-23 02:11:54 +0000180Generally, 1024 bits is considered sufficient.
Damien Miller450a7a12000-03-26 13:04:51 +1000181The default is 1024 bits.
Damien Miller32aa1441999-10-29 09:15:49 +1000182.It Fl c
183Requests changing the comment in the private and public key files.
Damien Millereb5fec62001-11-12 10:52:44 +1100184This operation is only supported for RSA1 keys.
Damien Miller32aa1441999-10-29 09:15:49 +1000185The program will prompt for the file containing the private keys, for
Ben Lindstromaafff9c2001-05-06 03:01:02 +0000186the passphrase if the key has one, and for the new comment.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000187.It Fl e
Ben Lindstrom46c264f2001-04-24 16:56:58 +0000188This option will read a private or public OpenSSH key file and
189print the key in a
Ben Lindstrom5a707822001-04-22 17:15:46 +0000190.Sq SECSH Public Key File Format
191to stdout.
192This option allows exporting keys for use by several commercial
193SSH implementations.
Damien Miller37876e92003-05-15 10:19:46 +1000194.It Fl g
195Use generic DNS resource record format.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000196.It Fl f Ar filename
Damien Miller10f6f6b1999-11-17 17:29:08 +1100197Specifies the filename of the key file.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000198.It Fl i
199This option will read an unencrypted private (or public) key file
200in SSH2-compatible format and print an OpenSSH compatible private
201(or public) key to stdout.
202.Nm
Ben Lindstrom2857d9c2001-04-22 17:19:46 +0000203also reads the
Ben Lindstrom5a707822001-04-22 17:15:46 +0000204.Sq SECSH Public Key File Format .
205This option allows importing keys from several commercial
206SSH implementations.
Damien Miller10f6f6b1999-11-17 17:29:08 +1100207.It Fl l
Damien Millereb5fec62001-11-12 10:52:44 +1100208Show fingerprint of specified public key file.
209Private RSA1 keys are also supported.
210For RSA and DSA keys
211.Nm
212tries to find the matching public key file and prints its fingerprint.
Damien Miller32aa1441999-10-29 09:15:49 +1000213.It Fl p
214Requests changing the passphrase of a private key file instead of
Damien Miller450a7a12000-03-26 13:04:51 +1000215creating a new private key.
216The program will prompt for the file
Damien Miller32aa1441999-10-29 09:15:49 +1000217containing the private key, for the old passphrase, and twice for the
218new passphrase.
219.It Fl q
220Silence
221.Nm ssh-keygen .
222Used by
223.Pa /etc/rc
224when creating a new key.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000225.It Fl y
226This option will read a private
227OpenSSH format file and print an OpenSSH public key to stdout.
Damien Miller0bc1bd82000-11-13 22:57:25 +1100228.It Fl t Ar type
229Specifies the type of the key to create.
230The possible values are
231.Dq rsa1
232for protocol version 1 and
233.Dq rsa
234or
235.Dq dsa
236for protocol version 2.
Ben Lindstrom8fd372b2001-03-12 03:02:17 +0000237.It Fl B
238Show the bubblebabble digest of specified private or public key file.
Damien Miller32aa1441999-10-29 09:15:49 +1000239.It Fl C Ar comment
240Provides the new comment.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000241.It Fl D Ar reader
242Download the RSA public key stored in the smartcard in
243.Ar reader .
Darren Tucker019cefe2003-08-02 22:40:07 +1000244.It Fl G Ar output_file
245Generate candidate primes for DH-GEX.
246These primes must be screened for
247safety (using the
248.Fl T
249option) before use.
250.It Fl M Ar memory
251Specify the amount of memory to use (in megabytes) when generating
252candidate moduli for DH-GEX.
Damien Miller32aa1441999-10-29 09:15:49 +1000253.It Fl N Ar new_passphrase
254Provides the new passphrase.
255.It Fl P Ar passphrase
256Provides the (old) passphrase.
Darren Tucker019cefe2003-08-02 22:40:07 +1000257.It Fl S Ar start
258Specify start point (in hex) when generating candidate moduli for DH-GEX.
259.It Fl T Ar output_file
260Test DH group exchange candidate primes (generated using the
261.Fl G
262option) for safety.
263.It Fl W Ar generator
264Specify desired generator when testing candidate moduli for DH-GEX.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000265.It Fl U Ar reader
266Upload an existing RSA private key into the smartcard in
267.Ar reader .
Darren Tucker06930c72003-12-31 11:34:51 +1100268.It Fl v
269Verbose mode.
270Causes
271.Nm
272to print debugging messages about its progress.
273This is helpful for debugging moduli generation.
274Multiple
275.Fl v
276options increase the verbosity.
277The maximum is 3.
Damien Miller37876e92003-05-15 10:19:46 +1000278.It Fl r Ar hostname
279Print DNS resource record with the specified
280.Ar hostname .
Damien Miller32aa1441999-10-29 09:15:49 +1000281.El
Darren Tucker019cefe2003-08-02 22:40:07 +1000282.Sh MODULI GENERATION
283.Nm
284may be used to generate groups for the Diffie-Hellman Group Exchange
285(DH-GEX) protocol.
286Generating these groups is a two-step process: first, candidate
287primes are generated using a fast, but memory intensive process.
288These candidate primes are then tested for suitability (a CPU-intensive
289process).
290.Pp
291Generation of primes is performed using the
292.Fl G
293option.
294The desired length of the primes may be specified by the
295.Fl b
296option.
297For example:
298.Pp
299.Dl ssh-keygen -G moduli-2048.candidates -b 2048
300.Pp
301By default, the search for primes begins at a random point in the
302desired length range.
303This may be overridden using the
304.Fl S
305option, which specifies a different start point (in hex).
306.Pp
307Once a set of candidates have been generated, they must be tested for
308suitability.
309This may be performed using the
310.Fl T
311option.
312In this mode
313.Nm
314will read candidates from standard input (or a file specified using the
315.Fl f
316option).
317For example:
318.Pp
319.Dl ssh-keygen -T moduli-2048 -f moduli-2048.candidates
320.Pp
321By default, each candidate will be subjected to 100 primality tests.
322This may be overridden using the
323.Fl a
324option.
325The DH generator value will be chosen automatically for the
326prime under consideration.
327If a specific generator is desired, it may be requested using the
328.Fl W
329option.
330Valid generator values are 2, 3 and 5.
331.Pp
332Screened DH groups may be installed in
333.Pa /etc/moduli .
334It is important that this file contains moduli of a range of bit lengths and
335that both ends of a connection share common moduli.
Damien Miller32aa1441999-10-29 09:15:49 +1000336.Sh FILES
337.Bl -tag -width Ds
Damien Miller32aa1441999-10-29 09:15:49 +1000338.It Pa $HOME/.ssh/identity
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000339Contains the protocol version 1 RSA authentication identity of the user.
Damien Miller450a7a12000-03-26 13:04:51 +1000340This file should not be readable by anyone but the user.
341It is possible to
Damien Miller32aa1441999-10-29 09:15:49 +1000342specify a passphrase when generating the key; that passphrase will be
Damien Miller450a7a12000-03-26 13:04:51 +1000343used to encrypt the private part of this file using 3DES.
344This file is not automatically accessed by
Damien Miller32aa1441999-10-29 09:15:49 +1000345.Nm
346but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000347.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000348will read this file when a login attempt is made.
Damien Miller32aa1441999-10-29 09:15:49 +1000349.It Pa $HOME/.ssh/identity.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000350Contains the protocol version 1 RSA public key for authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000351The contents of this file should be added to
Damien Miller32aa1441999-10-29 09:15:49 +1000352.Pa $HOME/.ssh/authorized_keys
353on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000354where the user wishes to log in using RSA authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000355There is no need to keep the contents of this file secret.
Damien Millere247cc42000-05-07 12:03:14 +1000356.It Pa $HOME/.ssh/id_dsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000357Contains the protocol version 2 DSA authentication identity of the user.
Damien Millere247cc42000-05-07 12:03:14 +1000358This file should not be readable by anyone but the user.
359It is possible to
360specify a passphrase when generating the key; that passphrase will be
361used to encrypt the private part of this file using 3DES.
362This file is not automatically accessed by
363.Nm
364but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000365.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000366will read this file when a login attempt is made.
367.It Pa $HOME/.ssh/id_dsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000368Contains the protocol version 2 DSA public key for authentication.
369The contents of this file should be added to
Ben Lindstromf96704d2001-06-25 04:17:12 +0000370.Pa $HOME/.ssh/authorized_keys
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000371on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000372where the user wishes to log in using public key authentication.
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000373There is no need to keep the contents of this file secret.
374.It Pa $HOME/.ssh/id_rsa
375Contains the protocol version 2 RSA authentication identity of the user.
376This file should not be readable by anyone but the user.
377It is possible to
378specify a passphrase when generating the key; that passphrase will be
379used to encrypt the private part of this file using 3DES.
380This file is not automatically accessed by
381.Nm
382but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000383.Xr ssh 1
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000384will read this file when a login attempt is made.
385.It Pa $HOME/.ssh/id_rsa.pub
386Contains the protocol version 2 RSA public key for authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000387The contents of this file should be added to
Ben Lindstromf96704d2001-06-25 04:17:12 +0000388.Pa $HOME/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +1000389on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000390where the user wishes to log in using public key authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000391There is no need to keep the contents of this file secret.
Darren Tucker019cefe2003-08-02 22:40:07 +1000392.It Pa /etc/moduli
393Contains Diffie-Hellman groups used for DH-GEX.
394The file format is described in
395.Xr moduli 5 .
Damien Miller37023962000-07-11 17:31:38 +1000396.El
Damien Miller32aa1441999-10-29 09:15:49 +1000397.Sh SEE ALSO
398.Xr ssh 1 ,
399.Xr ssh-add 1 ,
Damien Miller2e8b1c81999-11-15 23:33:56 +1100400.Xr ssh-agent 1 ,
Darren Tucker019cefe2003-08-02 22:40:07 +1000401.Xr moduli 5 ,
Ben Lindstrom77788dc2001-02-10 23:10:33 +0000402.Xr sshd 8
Ben Lindstrom5a707822001-04-22 17:15:46 +0000403.Rs
Ben Lindstrom90fd0602001-06-25 04:45:33 +0000404.%A J. Galbraith
405.%A R. Thayer
Ben Lindstrom5a707822001-04-22 17:15:46 +0000406.%T "SECSH Public Key File Format"
407.%N draft-ietf-secsh-publickeyfile-01.txt
408.%D March 2001
409.%O work in progress material
410.Re
Damien Millerf1ce5052003-06-11 22:04:39 +1000411.Sh AUTHORS
412OpenSSH is a derivative of the original and free
413ssh 1.2.12 release by Tatu Ylonen.
414Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
415Theo de Raadt and Dug Song
416removed many bugs, re-added newer features and
417created OpenSSH.
418Markus Friedl contributed the support for SSH
419protocol versions 1.5 and 2.0.