diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-11-27 10:12:30 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2020-11-27 21:37:17 +1100 |
commit | 57bf03f0217554afb8980f6697a7a0b88658d0a9 (patch) | |
tree | 61ad04be474cfe9f90b50966ba100ff45d14a0b3 /ssh-keygen.1 | |
parent | 33313ebc1c7135085676db62189e3520341d6b73 (diff) | |
download | openssh-git-57bf03f0217554afb8980f6697a7a0b88658d0a9.tar.gz |
upstream: Document ssh-keygen -Z, sanity check its argument earlier and
provide a better error message if it's not correct. Prompted by bz#2879, ok
djm@ jmc@
OpenBSD-Commit-ID: 484178a173e92230fb1803fb4f206d61f7b58005
Diffstat (limited to 'ssh-keygen.1')
-rw-r--r-- | ssh-keygen.1 | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index e09d6475..43c8aa2f 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.211 2020/11/17 11:23:58 dtucker Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.212 2020/11/27 10:12:30 dtucker Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 17 2020 $ +.Dd $Mdocdate: November 27 2020 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -53,6 +53,7 @@ .Op Fl O Ar option .Op Fl t Cm dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa .Op Fl w Ar provider +.Op Fl Z Ar cipher .Nm ssh-keygen .Fl p .Op Fl a Ar rounds @@ -60,6 +61,7 @@ .Op Fl m Ar format .Op Fl N Ar new_passphrase .Op Fl P Ar old_passphrase +.Op Fl Z Ar cipher .Nm ssh-keygen .Fl i .Op Fl f Ar input_keyfile @@ -740,6 +742,13 @@ returning a zero exit status. .It Fl y This option will read a private OpenSSH format file and print an OpenSSH public key to stdout. +.It Fl Z Ar cipher +Specifies the cipher to use for encryption when writing an OpenSSH-format +private key file. +The list of available ciphers may be obtained using +.Qq ssh -Q cipher . +The default is +.Dq aes256-ctr . .It Fl z Ar serial_number Specifies a serial number to be embedded in the certificate to distinguish this certificate from others from the same CA. |