===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.1,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- src/usr.bin/ssh/ssh-keygen.1	2019/11/18 23:16:49	1.176
+++ src/usr.bin/ssh/ssh-keygen.1	2019/11/25 00:54:23	1.177
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.176 2019/11/18 23:16:49 naddy Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.177 2019/11/25 00:54:23 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 18 2019 $
+.Dd $Mdocdate: November 25 2019 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -533,6 +533,14 @@
 .Pp
 .It Ic permit-X11-forwarding
 Allows X11 forwarding.
+.Pp
+.It Ic no-touch-required
+Do not require signatures made using this key require demonstration
+of user presence (e.g. by having the user touch the key).
+This option only makes sense for the Security Key algorithms
+.Cm ecdsa-sk
+and
+.Cm ed25519-sk .
 .Pp
 .It Ic source-address Ns = Ns Ar address_list
 Restrict the source addresses from which the certificate is considered valid.