| version 1.219, 2022/01/05 04:50:11 |
version 1.220, 2022/02/06 00:29:03 |
|
|
| .It Fl h |
.It Fl h |
| When signing a key, create a host certificate instead of a user |
When signing a key, create a host certificate instead of a user |
| certificate. |
certificate. |
| Please see the |
See the |
| .Sx CERTIFICATES |
.Sx CERTIFICATES |
| section for details. |
section for details. |
| .It Fl I Ar certificate_identity |
.It Fl I Ar certificate_identity |
| Specify the key identity when signing a public key. |
Specify the key identity when signing a public key. |
| Please see the |
See the |
| .Sx CERTIFICATES |
.Sx CERTIFICATES |
| section for details. |
section for details. |
| .It Fl i |
.It Fl i |
|
|
| Specify one or more principals (user or host names) to be included in |
Specify one or more principals (user or host names) to be included in |
| a certificate when signing a key. |
a certificate when signing a key. |
| Multiple principals may be specified, separated by commas. |
Multiple principals may be specified, separated by commas. |
| Please see the |
See the |
| .Sx CERTIFICATES |
.Sx CERTIFICATES |
| section for details. |
section for details. |
| .It Fl O Ar option |
.It Fl O Ar option |
|
|
| .It Cm write-attestation Ns = Ns Ar path |
.It Cm write-attestation Ns = Ns Ar path |
| May be used at key generation time to record the attestation data |
May be used at key generation time to record the attestation data |
| returned from FIDO tokens during key generation. |
returned from FIDO tokens during key generation. |
| Please note that this information is potentially sensitive. |
This information is potentially sensitive. |
| By default, this information is discarded. |
By default, this information is discarded. |
| .El |
.El |
| .Pp |
.Pp |
|
|
| for the specified public key file. |
for the specified public key file. |
| .It Fl s Ar ca_key |
.It Fl s Ar ca_key |
| Certify (sign) a public key using the specified CA key. |
Certify (sign) a public key using the specified CA key. |
| Please see the |
See the |
| .Sx CERTIFICATES |
.Sx CERTIFICATES |
| section for details. |
section for details. |
| .Pp |
.Pp |
|
|
| .Xr sshd 8 |
.Xr sshd 8 |
| or |
or |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| Please refer to those manual pages for details. |
Refer to those manual pages for details. |
| .Sh KEY REVOCATION LISTS |
.Sh KEY REVOCATION LISTS |
| .Nm |
.Nm |
| is able to manage OpenSSH format Key Revocation Lists (KRLs). |
is able to manage OpenSSH format Key Revocation Lists (KRLs). |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh