| version 1.188, 2020/01/03 07:33:33 |
version 1.189, 2020/01/06 02:00:46 |
|
|
| .Pp |
.Pp |
| When generating a key that will be hosted on a FIDO authenticator, this |
When generating a key that will be hosted on a FIDO authenticator, this |
| flag may be used to specify key-specific options. |
flag may be used to specify key-specific options. |
| Two FIDO authenticator options are supported at present: |
The FIDO authenticator options are supported at present are: |
| .Pp |
.Pp |
| |
.Cm application |
| |
overrides the default FIDO application/origin string of |
| |
.Dq ssh: . |
| |
This option may be useful when generating host or domain-specific resident |
| |
keys. |
| |
.Cm device |
| |
explicitly specify a device to generate the key on, rather than accepting |
| |
the authenticator middleware's automatic selection. |
| |
.Xr fido 4 |
| |
device to use, rather than letting the token middleware select one. |
| .Cm no-touch-required |
.Cm no-touch-required |
| indicates that the generated private key should not require touch |
indicates that the generated private key should not require touch |
| events (user presence) when making signatures. |
events (user presence) when making signatures. |
|
|
| a PIN be set on the token prior to generation. |
a PIN be set on the token prior to generation. |
| Resident keys may be loaded off the token using |
Resident keys may be loaded off the token using |
| .Xr ssh-add 1 . |
.Xr ssh-add 1 . |
| |
.Cm user |
| |
allows specification of a username to be associated with a resident key, |
| |
overriding the empty default username. |
| |
Specifying a username may be useful when generating multiple resident keys |
| |
for the same application name. |
| .Pp |
.Pp |
| The |
The |
| .Fl O |
.Fl O |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh