| version 1.196, 2020/01/23 23:31:52 |
version 1.197, 2020/01/28 08:01:34 |
|
|
| .Xr sshd 8 |
.Xr sshd 8 |
| will refuse such signatures by default, unless overridden via |
will refuse such signatures by default, unless overridden via |
| an authorized_keys option. |
an authorized_keys option. |
| |
.It Cm challenge=path |
| |
Specifies a path to a challenge string that will be passed to the |
| |
FIDO token during key generation. |
| |
The challenge string is optional, but may be used as part of an out-of-band |
| |
protocol for key enrollment. |
| |
If no |
| |
.Cm challenge |
| |
is specified, a random challenge is used. |
| .It Cm resident |
.It Cm resident |
| Indicate that the key should be stored on the FIDO authenticator itself. |
Indicate that the key should be stored on the FIDO authenticator itself. |
| Resident keys may be supported on FIDO2 tokens and typically require that |
Resident keys may be supported on FIDO2 tokens and typically require that |
|
|
| overriding the empty default username. |
overriding the empty default username. |
| Specifying a username may be useful when generating multiple resident keys |
Specifying a username may be useful when generating multiple resident keys |
| for the same application name. |
for the same application name. |
| |
.It Cm write-attestation=path |
| |
May be used at key generation time to record the attestation certificate |
| |
returned from FIDO tokens during key generation. |
| |
By default this information is discarded. |
| .El |
.El |
| .Pp |
.Pp |
| The |
The |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh