src/usr.bin/ssh/ssh-keygen.1 - diff

Return to ssh-keygen.1 CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-keygen.1 between version 1.116 and 1.117

version 1.116, 2013/06/27 14:05:37

version 1.117, 2013/12/07 08:08:26

Line 103

.Fl T Ar output_file

.Fl f Ar input_file

.Op Fl v

.Op Fl a Ar num_trials

.Op Fl a Ar rounds

.Op Fl J Ar num_lines

.Op Fl j Ar start_line

.Op Fl K Ar checkpt

Line 222

This is used by

.Pa /etc/rc

to generate new host keys.

.It Fl a Ar trials

.It Fl a Ar rounds

Specifies the number of primality tests to perform when screening DH-GEX

When saving a new-format private key (i.e. an ed25519 key or any SSH protocol

candidates using the

2 key when the

.Fl o

flag is set), this option specifies the number of KDF (key derivation function)

rounds used.

Higher numbers result in slower passphrase verification and increased

resistance to brute-force password cracking (should the keys be stolen).

.Pp

When screening DH-GEX candidates (

using the

.Fl T

command.

command).

This option specifies the number of primality tests to perform.

.It Fl B

Show the bubblebabble digest of specified private or public key file.

.It Fl b Ar bits

Line 447

Line 456

.El

.Pp

At present, no options are valid for host keys.

.It Fl o

Causes

.Nm

to save SSH protocol 2 private keys using the new OpenSSH format rather than

the more compatible PEM format.

The new format has increased resistance to brute-force password cracking

but is not supported by versions of OpenSSH prior to 6.5.

Ed25519 keys always use the new private key format.

.It Fl P Ar passphrase

Provides the (old) passphrase.

.It Fl p