diff options
author | Damien Miller <djm@mindrot.org> | 2005-03-01 21:48:35 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2005-03-01 21:48:35 +1100 |
commit | 4b42d7f195fc38bc6eda25c2e0782321ff1f2a16 (patch) | |
tree | f945653699b303d57203f950eba69946d2a59039 /ssh-keygen.1 | |
parent | db7b8171ee084cbbe3a5ec5ef26df88e17aa3905 (diff) | |
download | openssh-git-4b42d7f195fc38bc6eda25c2e0782321ff1f2a16.tar.gz |
- djm@cvs.openbsd.org 2005/03/01 10:42:49
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 43 |
1 files changed, 42 insertions, 1 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index c0f24dcd..f4c5ebcb 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.63 2004/08/13 00:01:43 jmc Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.64 2005/03/01 10:42:49 djm Exp $ .\" .\" -*- nroff -*- .\" @@ -81,6 +81,15 @@ .Nm ssh-keygen .Fl D Ar reader .Nm ssh-keygen +.Fl F Ar hostname +.Op Fl f Ar known_hosts_file +.Nm ssh-keygen +.Fl H +.Op Fl f Ar known_hosts_file +.Nm ssh-keygen +.Fl R Ar hostname +.Op Fl f Ar known_hosts_file +.Nm ssh-keygen .Fl U Ar reader .Op Fl f Ar input_keyfile .Nm ssh-keygen @@ -243,6 +252,38 @@ Provides the new comment. .It Fl D Ar reader Download the RSA public key stored in the smartcard in .Ar reader . +.It Fl F Ar hostname +Search for the specified +.Ar hostname +in a +.Pa known_hosts +file, listing any occurances found. +This option is useful to find hashed host names or addresses and may also be +used in conjunction with the +.Fl H +option to print found keys in a hashed format. +.It Fl H +Hash a +.Pa known_hosts +file, printing the result to standard output. +This replaces all hostnames and addresses with hashed representations. +These hashes may be used normally by +.Nm ssh +and +.Nm sshd , +but they do not reveal identifying information should the file's contents +be disclosed. +This option will not modify existing hashed hostnames and is therefore safe +to use on files that mix hashed and non-hashed names. +.It Fl R Ar hostname +Removes all keys belonging to +.Ar hostname +from a +.Pa known_hosts +file. +This option is useful to delete hashed hosts (see the +.Fl H +option above). .It Fl G Ar output_file Generate candidate primes for DH-GEX. These primes must be screened for |