| version 1.197, 2020/01/28 08:01:34 |
version 1.198, 2020/02/02 07:36:50 |
|
|
| Override the default FIDO application/origin string of |
Override the default FIDO application/origin string of |
| .Dq ssh: . |
.Dq ssh: . |
| This may be useful when generating host or domain-specific resident keys. |
This may be useful when generating host or domain-specific resident keys. |
| |
.It Cm challenge=path |
| |
Specifies a path to a challenge string that will be passed to the |
| |
FIDO token during key generation. |
| |
The challenge string is optional, but may be used as part of an out-of-band |
| |
protocol for key enrollment. |
| |
If no |
| |
.Cm challenge |
| |
is specified, a random challenge is used. |
| .It Cm device |
.It Cm device |
| Explicitly specify a |
Explicitly specify a |
| .Xr fido 4 |
.Xr fido 4 |
|
|
| .Xr sshd 8 |
.Xr sshd 8 |
| will refuse such signatures by default, unless overridden via |
will refuse such signatures by default, unless overridden via |
| an authorized_keys option. |
an authorized_keys option. |
| .It Cm challenge=path |
|
| Specifies a path to a challenge string that will be passed to the |
|
| FIDO token during key generation. |
|
| The challenge string is optional, but may be used as part of an out-of-band |
|
| protocol for key enrollment. |
|
| If no |
|
| .Cm challenge |
|
| is specified, a random challenge is used. |
|
| .It Cm resident |
.It Cm resident |
| Indicate that the key should be stored on the FIDO authenticator itself. |
Indicate that the key should be stored on the FIDO authenticator itself. |
| Resident keys may be supported on FIDO2 tokens and typically require that |
Resident keys may be supported on FIDO2 tokens and typically require that |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh