version 1.126, 2015/07/03 03:49:45 |
version 1.127, 2015/08/20 19:20:06 |
|
|
to |
to |
.Fl s : |
.Fl s : |
.Pp |
.Pp |
.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub |
.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub |
.Pp |
.Pp |
In all cases, |
In all cases, |
.Ar key_id |
.Ar key_id |
|
|
To generate a certificate for a specified set of principals: |
To generate a certificate for a specified set of principals: |
.Pp |
.Pp |
.Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub |
.Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub |
.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" |
.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub" |
.Pp |
.Pp |
Additional limitations on the validity and use of user certificates may |
Additional limitations on the validity and use of user certificates may |
be specified through certificate options. |
be specified through certificate options. |