- itojun@cvs.openbsd.org 2001/04/10 09:13:22

     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     document id_rsa{.pub,}.  markus ok

6 files changed, 58 insertions, 24 deletions

diff --git a/ChangeLog b/ChangeLog
index 0039e902..038f18a7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
    - markus@cvs.openbsd.org 2001/04/10 07:46:58
      [channels.c]                              
      cleanup socks4 handling                   
+   - itojun@cvs.openbsd.org 2001/04/10 09:13:22       
+     [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
+     document id_rsa{.pub,}.  markus ok               
 
 20010410
  - OpenBSD CVS Sync
@@ -4996,4 +4999,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1094 2001/04/11 15:57:50 mouring Exp $
+$Id: ChangeLog,v 1.1095 2001/04/11 15:59:35 mouring Exp $
diff --git a/ssh-add.1 b/ssh-add.1
index 3cdf3374..d7725c6e 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.23 2001/04/09 15:19:49 markus Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.24 2001/04/10 09:13:21 itojun Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -80,7 +80,7 @@ Deletes all identities from the agent.
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa $HOME/.ssh/identity
-Contains the RSA authentication identity of the user.
+Contains the protocol version 1 RSA authentication identity of the user.
 This file should not be readable by anyone but the user.
 Note that
 .Nm
@@ -92,7 +92,9 @@ This is the default file added by
 .Nm
 when no other files have been specified.
 .It Pa $HOME/.ssh/id_dsa
-Contains the DSA authentication identity of the user.
+Contains the protocol version 2 DSA authentication identity of the user.
+.It Pa $HOME/.ssh/id_rsa
+Contains the protocol version 2 RSA authentication identity of the user.
 .El
 .Sh ENVIRONMENT
 .Bl -tag -width Ds
diff --git a/ssh-agent.1 b/ssh-agent.1
index a14f359a..1d214698 100644
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.23 2001/04/02 17:32:23 deraadt Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.24 2001/04/10 09:13:21 itojun Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -142,7 +142,7 @@ line terminates.
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa $HOME/.ssh/identity
-Contains the RSA authentication identity of the user.
+Contains the protocol version 1 RSA authentication identity of the user.
 This file should not be readable by anyone but the user.
 It is possible to
 specify a passphrase when generating the key; that passphrase will be
@@ -153,7 +153,9 @@ but is normally added to the agent using
 .Xr ssh-add 1
 at login time.
 .It Pa $HOME/.ssh/id_dsa
-Contains the DSA authentication identity of the user.
+Contains the protocol version 2 DSA authentication identity of the user.
+.It Pa $HOME/.ssh/id_rsa
+Contains the protocol version 2 RSA authentication identity of the user.
 .It Pa /tmp/ssh-XXXXXXXX/agent.<pid>
 Unix-domain sockets used to contain the connection to the
 authentication agent.
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index a3914680..6808ede6 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.35 2001/03/11 22:33:23 markus Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.36 2001/04/10 09:13:21 itojun Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -89,9 +89,10 @@ option allows you to create a key for use by protocol 2.0.
 Normally each user wishing to use SSH
 with RSA or DSA authentication runs this once to create the authentication
 key in
-.Pa $HOME/.ssh/identity
+.Pa $HOME/.ssh/identity ,
+.Pa $HOME/.ssh/id_dsa
 or
-.Pa $HOME/.ssh/id_dsa .
+.Pa $HOME/.ssh/id_rsa .
 Additionally, the system administrator may use this to generate host keys,
 as seen in
 .Pa /etc/rc .
@@ -191,7 +192,7 @@ OpenSSH format file and print an OpenSSH public key to stdout.
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa $HOME/.ssh/identity
-Contains the RSA authentication identity of the user.
+Contains the protocol version 1 RSA authentication identity of the user.
 This file should not be readable by anyone but the user.
 It is possible to
 specify a passphrase when generating the key; that passphrase will be
@@ -202,14 +203,14 @@ but it is offered as the default file for the private key.
 .Xr sshd 8
 will read this file when a login attempt is made.
 .It Pa $HOME/.ssh/identity.pub
-Contains the public key for authentication.
+Contains the protocol version 1 RSA public key for authentication.
 The contents of this file should be added to
 .Pa $HOME/.ssh/authorized_keys
 on all machines
 where you wish to log in using RSA authentication.
 There is no need to keep the contents of this file secret.
 .It Pa $HOME/.ssh/id_dsa
-Contains the DSA authentication identity of the user.
+Contains the protocol version 2 DSA authentication identity of the user.
 This file should not be readable by anyone but the user.
 It is possible to
 specify a passphrase when generating the key; that passphrase will be
@@ -220,7 +221,25 @@ but it is offered as the default file for the private key.
 .Xr sshd 8
 will read this file when a login attempt is made.
 .It Pa $HOME/.ssh/id_dsa.pub
-Contains the public key for authentication.
+Contains the protocol version 2 DSA public key for authentication.
+The contents of this file should be added to
+.Pa $HOME/.ssh/authorized_keys2
+on all machines
+where you wish to log in using public key authentication.
+There is no need to keep the contents of this file secret.
+.It Pa $HOME/.ssh/id_rsa
+Contains the protocol version 2 RSA authentication identity of the user.
+This file should not be readable by anyone but the user.
+It is possible to
+specify a passphrase when generating the key; that passphrase will be
+used to encrypt the private part of this file using 3DES.
+This file is not automatically accessed by
+.Nm
+but it is offered as the default file for the private key.
+.Xr sshd 8
+will read this file when a login attempt is made.
+.It Pa $HOME/.ssh/id_rsa.pub
+Contains the protocol version 2 RSA public key for authentication.
 The contents of this file should be added to
 .Pa $HOME/.ssh/authorized_keys2
 on all machines
diff --git a/ssh.1 b/ssh.1
index 1d30a7c2..e775d0dc 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.101 2001/04/05 15:45:43 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.102 2001/04/10 09:13:22 itojun Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -212,8 +212,10 @@ If this method fails password authentication is tried.
 The public key method is similar to RSA authentication described
 in the previous section except that the DSA or RSA algorithm is used
 instead.
-The client uses his private key
+The client uses his private key,
 .Pa $HOME/.ssh/id_dsa
+or
+.Pa $HOME/.ssh/id_rsa ,
 to sign the session identifier and sends the result to the server.
 The server checks whether the matching public key is listed in
 .Pa $HOME/.ssh/authorized_keys2
@@ -1136,8 +1138,9 @@ for protocol version 1 or
 for protocol version 2).
 See
 .Xr sshd 8 .
-.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa
-Contains the RSA and the DSA authentication identity of the user.
+.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa
+Contains the authentication identity of the user.
+They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively.
 These files
 contain sensitive data and should be readable by the user but not
 accessible by others (read/write/execute).
@@ -1147,7 +1150,7 @@ ignores a private key file if it is accessible by others.
 It is possible to specify a passphrase when
 generating the key; the passphrase will be used to encrypt the
 sensitive part of this file using 3DES.
-.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub
+.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub
 Contains the public key for authentication (public part of the
 identity file in human-readable form).
 The contents of the
@@ -1155,13 +1158,15 @@ The contents of the
 file should be added to
 .Pa $HOME/.ssh/authorized_keys
 on all machines
-where you wish to log in using RSA authentication.
+where you wish to log in using protocol version 1 RSA authentication.
 The contents of the
 .Pa $HOME/.ssh/id_dsa.pub
+and
+.Pa $HOME/.ssh/id_rsa.pub
 file should be added to
 .Pa $HOME/.ssh/authorized_keys2
 on all machines
-where you wish to log in using DSA authentication.
+where you wish to log in using protocol version 2 DSA/RSA authentication.
 These files are not
 sensitive and can (but need not) be readable by anyone.
 These files are
diff --git a/sshd.8 b/sshd.8
index 54b7861f..4611c063 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.112 2001/04/09 18:00:15 stevesk Exp $
+.\" $OpenBSD: sshd.8,v 1.113 2001/04/10 09:13:22 itojun Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -821,9 +821,10 @@ or
 Note that lines in this file are usually several hundred bytes long
 (because of the size of the RSA key modulus).
 You don't want to type them in; instead, copy the
-.Pa identity.pub
-or the
+.Pa identity.pub ,
 .Pa id_dsa.pub
+or the
+.Pa id_rsa.pub
 file and edit it.
 .Pp
 The options (if present) consist of comma-separated option
@@ -1014,6 +1015,8 @@ It is recommended that it not be accessible by others.
 The format of this file is described above.
 Users will place the contents of their
 .Pa id_dsa.pub
+and/or
+.Pa id_rsa.pub
 files into this file, as described in
 .Xr ssh-keygen 1 .
 .It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"