From 1f181425e9c66781043c205339098c1b89aaac70 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Sun, 18 Apr 2010 08:08:03 +1000
Subject: [PATCH]    - jmc@cvs.openbsd.org 2010/04/16 06:47:04     
 [ssh-keygen.1 ssh-keygen.c]      tweak previous; ok djm

---
 ChangeLog    | 3 +++
 ssh-keygen.1 | 6 +++---
 ssh-keygen.c | 5 +++--
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 765477302..f629ff037 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
    - jmc@cvs.openbsd.org 2010/04/16 06:45:01
      [ssh_config.5]
      tweak previous; ok djm
+   - jmc@cvs.openbsd.org 2010/04/16 06:47:04
+     [ssh-keygen.1 ssh-keygen.c]
+     tweak previous; ok djm
 
 20100416
  - (djm) Release openssh-5.5p1
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index aacd4d3dc..26ae31f5e 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.93 2010/04/16 01:47:26 djm Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.94 2010/04/16 06:47:04 jmc Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -506,7 +506,7 @@ that both ends of a connection share common moduli.
 supports signing of keys to produce certificates that may be used for
 user or host authentication.
 Certificates consist of a public key, some identity information, zero or
-more principal (user or host) names and an optional set of options that
+more principal (user or host) names and a set of options that
 are signed by a Certification Authority (CA) key.
 Clients or servers may then trust only the CA key and verify its signature
 on a certificate rather than trusting many user/host keys.
@@ -546,7 +546,7 @@ To generate a certificate for a specified set of principals:
 .Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub"
 .Pp
 Additional limitations on the validity and use of user certificates may
-be specified through certificate options..
+be specified through certificate options.
 A certificate option may disable features of the SSH session, may be
 valid only when presented from particular source addresses or may
 force the use of a specific command.
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 8938dc051..f0ddd4cfc 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.186 2010/04/16 01:47:26 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.187 2010/04/16 06:47:04 jmc Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1531,7 +1531,7 @@ usage(void)
 	fprintf(stderr, "  -M memory   Amount of memory (MB) to use for generating DH-GEX moduli.\n");
 	fprintf(stderr, "  -n name,... User/host principal names to include in certificate\n");
 	fprintf(stderr, "  -N phrase   Provide new passphrase.\n");
-	fprintf(stderr, "  -O cnstr    Specify a certificate option.\n");
+	fprintf(stderr, "  -O option   Specify a certificate option.\n");
 	fprintf(stderr, "  -P phrase   Provide old passphrase.\n");
 	fprintf(stderr, "  -p          Change passphrase of private key file.\n");
 	fprintf(stderr, "  -q          Quiet.\n");
@@ -1545,6 +1545,7 @@ usage(void)
 	fprintf(stderr, "  -v          Verbose.\n");
 	fprintf(stderr, "  -W gen      Generator to use for generating DH-GEX moduli.\n");
 	fprintf(stderr, "  -y          Read private key file and print public key.\n");
+	fprintf(stderr, "  -z serial   Specify a serial number.\n");
 
 	exit(1);
 }