=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-keygen.1,v retrieving revision 1.94 retrieving revision 1.95 diff -u -r1.94 -r1.95 --- src/usr.bin/ssh/ssh-keygen.1 2010/04/16 06:47:04 1.94 +++ src/usr.bin/ssh/ssh-keygen.1 2010/06/29 23:15:30 1.95 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.95 2010/06/29 23:15:30 djm Exp $ .\" .\" -*- nroff -*- .\" @@ -37,7 +37,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: April 16 2010 $ +.Dd $Mdocdate: June 29 2010 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -59,9 +59,11 @@ .Op Fl f Ar keyfile .Nm ssh-keygen .Fl i +.Op Fl m Ar key_format .Op Fl f Ar input_keyfile .Nm ssh-keygen .Fl e +.Op Fl m Ar key_format .Op Fl f Ar input_keyfile .Nm ssh-keygen .Fl y @@ -215,11 +217,13 @@ .Ar pkcs11 . .It Fl e This option will read a private or public OpenSSH key file and -print the key in -RFC 4716 SSH Public Key File Format -to stdout. -This option allows exporting keys for use by several commercial -SSH implementations. +print to stdout the key in one of the formats specified by the +.Fl m +option. +The default export format is +.Dq RFC4716 . +This option allows exporting OpenSSH key for use by other programs, including +several commercial SSH implementations. .It Fl F Ar hostname Search for the specified .Ar hostname @@ -270,13 +274,14 @@ section for details. .It Fl i This option will read an unencrypted private (or public) key file -in SSH2-compatible format and print an OpenSSH compatible private +in the format specified by the +.Fl m +option and print an OpenSSH compatible private (or public) key to stdout. -.Nm -also reads the -RFC 4716 SSH Public Key File Format. -This option allows importing keys from several commercial -SSH implementations. +This option allows importing keys from other software, including several +commercial SSH implementations. +The default import format is +.Dq RFC4716 . .It Fl L Prints the contents of a certificate. .It Fl l @@ -288,6 +293,22 @@ If combined with .Fl v , an ASCII art representation of the key is supplied with the fingerprint. +.It Fl m Ar key_format +Specify a key format for the +.Fl i +(import) or +.Fl e +(export) coversion options. +The supported key formats are: +.Dq RFC4716 +(RFC4716/SSH2 public or private key), +.Dq PKCS8 +(PEM PKCS8 public key) +or +.Dq PEM +(PEM public key). +The default conversion format is +.Dq RFC4716 . .It Fl M Ar memory Specify the amount of memory to use (in megabytes) when generating candidate moduli for DH-GEX.