diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-11-07 08:38:38 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-08 14:09:32 +1100 |
| commit | aa4c640dc362816d63584a16e786d5e314e24390 (patch) | |
| tree | ff9a6015ea0de5579d49d66d42590d93887fd7aa /ssh.1 | |
| parent | b236b27d6dada7f0542214003632b4e9b7aa1380 (diff) | |
| download | openssh-git-aa4c640dc362816d63584a16e786d5e314e24390.tar.gz | |
upstream: Fill in missing man page bits for U2F security key support:
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's
SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable,
and ssh-keygen's new -w and -x options.
Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal
substitutions.
ok djm@
OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
Diffstat (limited to 'ssh.1')
| -rw-r--r-- | ssh.1 | 17 |
1 files changed, 15 insertions, 2 deletions
@@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.403 2019/06/12 11:31:50 jmc Exp $ -.Dd $Mdocdate: June 12 2019 $ +.\" $OpenBSD: ssh.1,v 1.404 2019/11/07 08:38:38 naddy Exp $ +.Dd $Mdocdate: November 7 2019 $ .Dt SSH 1 .Os .Sh NAME @@ -279,6 +279,7 @@ public key authentication is read. The default is .Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_ecdsa , +.Pa ~/.ssh/id_ecdsa_sk , .Pa ~/.ssh/id_ed25519 and .Pa ~/.ssh/id_rsa . @@ -896,6 +897,8 @@ This stores the private key in (DSA), .Pa ~/.ssh/id_ecdsa (ECDSA), +.Pa ~/.ssh/id_ecdsa_sk +(security key-hosted ECDSA), .Pa ~/.ssh/id_ed25519 (Ed25519), or @@ -906,6 +909,8 @@ and stores the public key in (DSA), .Pa ~/.ssh/id_ecdsa.pub (ECDSA), +.Pa ~/.ssh/id_ecdsa_sk.pub +(security key-hosted ECDSA), .Pa ~/.ssh/id_ed25519.pub (Ed25519), or @@ -1324,6 +1329,12 @@ More permanent VPNs are better provided by tools such as and .Xr isakmpd 8 . .Sh ENVIRONMENT +.Bl -tag -width "SSH_ORIGINAL_COMMAND" +.It Ev SSH_SK_PROVIDER +Specifies the path to a security key provider library used to interact with +hardware security keys. +.Pp +.El .Nm will normally set the following environment variables: .Bl -tag -width "SSH_ORIGINAL_COMMAND" @@ -1484,6 +1495,7 @@ above. .Pp .It Pa ~/.ssh/id_dsa .It Pa ~/.ssh/id_ecdsa +.It Pa ~/.ssh/id_ecdsa_sk .It Pa ~/.ssh/id_ed25519 .It Pa ~/.ssh/id_rsa Contains the private key for authentication. @@ -1498,6 +1510,7 @@ sensitive part of this file using AES-128. .Pp .It Pa ~/.ssh/id_dsa.pub .It Pa ~/.ssh/id_ecdsa.pub +.It Pa ~/.ssh/id_ecdsa_sk.pub .It Pa ~/.ssh/id_ed25519.pub .It Pa ~/.ssh/id_rsa.pub Contains the public key for authentication. |