Commit Graph

76 Commits

Author SHA1 Message Date
Darren Tucker
199ee6ff07 - dtucker@cvs.openbsd.org 2009/10/24 00:48:34
[ssh-keygen.1]
     ssh-keygen now uses AES-128 for private keys
2009-10-24 11:50:17 +11:00
Damien Miller
718ed50401 - sthen@cvs.openbsd.org 2008/07/24 23:55:30
[ssh-keygen.1]
     Add "ssh-keygen -F -l" to synopsis (displays fingerprint from
     known_hosts).  ok djm@
2008-11-03 19:15:20 +11:00
Darren Tucker
f09e825329 - jmc@cvs.openbsd.org 2008/06/12 19:10:09
[ssh_config.5 ssh-keygen.1]
     tweak the ascii art text; ok grunk
2008-06-13 05:18:03 +10:00
Darren Tucker
35c45535ea - grunk@cvs.openbsd.org 2008/06/11 22:20:46
[ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@
2008-06-13 04:43:15 +10:00
Darren Tucker
9c16ac9263 - grunk@cvs.openbsd.org 2008/06/11 21:01:35
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
Darren Tucker
aa4d5eda10 - jmc@cvs.openbsd.org 2007/05/31 19:20:16
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
     ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
     convert to new .Dd format;
     (We will need to teach mdoc2man.awk to understand this too.)
2007-06-05 18:27:13 +10:00
Darren Tucker
26dc3e656a - jmc@cvs.openbsd.org 2007/01/12 20:20:41
[ssh-keygen.1 ssh-keygen.c]
     more secsh -> rfc 4716 updates;
     spotted by wiz@netbsd
     ok markus
2007-02-19 22:09:06 +11:00
Damien Miller
c0367fb0d2 - markus@cvs.openbsd.org 2006/12/11 21:25:46
[ssh-keygen.1 ssh.1]
     add rfc 4716 (public key format); ok jmc
2007-01-05 16:25:46 +11:00
Darren Tucker
9f647335d2 [ssh-keygen.1 ssh-keygen.c]
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minumum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@, grudging ok deraadt@.
2005-11-28 16:41:46 +11:00
Damien Miller
83d0d39d0e - jmc@cvs.openbsd.org 2005/10/31 19:55:25
[ssh-keygen.1]
     grammar;
2005-11-05 15:16:27 +11:00
Damien Miller
f14be5ce03 - djm@cvs.openbsd.org 2005/10/31 11:12:49
[ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
2005-11-05 15:15:49 +11:00
Damien Miller
ac7ef6a736 - djm@cvs.openbsd.org 2005/06/08 03:50:00
[ssh-keygen.1 ssh-keygen.c sshd.8]
     increase default rsa/dsa key length from 1024 to 2048 bits;
     ok markus@ deraadt@
2005-06-16 13:19:06 +10:00
Damien Miller
167ea5d026 - djm@cvs.openbsd.org 2005/04/21 06:17:50
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@
2005-05-26 12:04:02 +10:00
Darren Tucker
da1adbc2cc - dtucker@cvs.openbsd.org 2005/03/14 10:09:03
[ssh-keygen.1]
     Correct description of -H (bz #997);  ok markus@, punctuation jmc@
2005-03-14 23:15:58 +11:00
Damien Miller
265d309ebc - jmc@cvs.openbsd.org 2005/03/01 18:15:56
[ssh-keygen.1]
     sort options (no attempt made at synopsis clean up though);
     spelling (occurance -> occurrence);
     use prompt before examples;
     grammar;
2005-03-02 12:05:06 +11:00
Damien Miller
4c9c6fdcfe - jmc@cvs.openbsd.org 2005/03/01 15:05:00
[ssh-keygen.1]
     whitespace;
2005-03-02 12:03:43 +11:00
Damien Miller
4b42d7f195 - djm@cvs.openbsd.org 2005/03/01 10:42:49
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
     add tools for managing known_hosts files with hashed hostnames, including
     hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 21:48:35 +11:00
Darren Tucker
6e37037fea - jmc@cvs.openbsd.org 2004/08/13 00:01:43
[ssh-keygen.1]
     kill whitespace at eol;
2004-08-13 21:23:25 +10:00
Darren Tucker
0b42e6d95b - jakob@cvs.openbsd.org 2004/08/12 21:41:13
[ssh-keygen.1 ssh.1]
     improve SSHFP documentation; ok deraadt@
2004-08-13 21:22:40 +10:00
Darren Tucker
06930c70ad - djm@cvs.openbsd.org 2003/12/22 09:16:58
[moduli.c ssh-keygen.1 ssh-keygen.c]
     tidy up moduli generation debugging, add -v (verbose/debug) option to
     ssh-keygen; ok markus@
2003-12-31 11:34:51 +11:00
Darren Tucker
019cefeaad - djm@cvs.openbsd.org 2003/07/28 09:49:56
[ssh-keygen.1 ssh-keygen.c]
     Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
     Based on code from Phil Karn, William Allen Simpson and Niels Provos.
     ok markus@, thanks jmc@
2003-08-02 22:40:07 +10:00
Damien Miller
f1ce505daf - jmc@cvs.openbsd.org 2003/06/10 09:12:11
[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
     [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - section reorder
     - COMPATIBILITY merge
     - macro cleanup
     - kill whitespace at EOL
     - new sentence, new line
     ssh pages ok markus@
2003-06-11 22:04:39 +10:00
Damien Miller
fbf486b4a6 - jmc@cvs.openbsd.org 2003/05/20 12:09:31
[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
     new sentence, new line
2003-05-23 18:44:23 +10:00
Damien Miller
37876e913a - jakob@cvs.openbsd.org 2003/05/14 18:16:20
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
     [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
     add experimental support for verifying hos keys using DNS as described
     in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
     ok markus@ and henning@
2003-05-15 10:19:46 +10:00
Damien Miller
495dca3518 - (djm) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
     [scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
     [ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - killed whitespace
     - new sentence new line
     - .Bk for arguments
     ok markus@
2003-04-01 21:42:14 +10:00
Ben Lindstrom
9394d2fc0a - stevesk@cvs.openbsd.org 2002/11/26 02:35:30
[ssh-keygen.1]
     remove outdated statement; ok markus@ deraadt@
2002-12-23 02:11:54 +00:00
Ben Lindstrom
cb72e4f6d2 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
Damien Miller
55fafa09f2 - stevesk@cvs.openbsd.org 2002/02/16 14:53:37
[ssh-keygen.1]
     -t required now for key generation
2002-02-19 15:22:07 +11:00
Damien Miller
a41c8b15bd - djm@cvs.openbsd.org 2001/12/21 08:52:22
[ssh-keygen.1 ssh-keygen.c]
     Remove default (rsa1) key type; ok markus@
2002-01-22 23:05:08 +11:00
Ben Lindstrom
4e366d5048 - stevesk@cvs.openbsd.org 2001/11/21 18:49:14
[ssh-keygen.1]
     more on passphrase construction; ok markus@
2001-12-06 16:43:21 +00:00
Damien Miller
eb5fec6494 - markus@cvs.openbsd.org 2001/10/25 21:14:32
[ssh-keygen.1 ssh-keygen.c]
     better docu for fingerprinting, ok deraadt@
2001-11-12 10:52:44 +11:00
Ben Lindstrom
594e203894 - deraadt@cvs.openbsd.org 2001/09/05 06:23:07
[scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1]
     avoid first person in manual pages
2001-09-12 18:35:30 +00:00
Ben Lindstrom
a1ec4a9cb8 - jakob@cvs.openbsd.org 2001/08/02 15:07:23
[ssh-keygen.1]
     document smartcard upload/download. ok markus@
2001-08-06 21:51:34 +00:00
Ben Lindstrom
d18c80c2a6 - aaron@cvs.openbsd.org 2001/07/23 14:14:18
[ssh-keygen.1]
     Fix typo.
2001-08-06 21:00:27 +00:00
Ben Lindstrom
bda98b0091 - markus@cvs.openbsd.org 2001/06/25 17:18:27
[ssh-keygen.1]
     sshd(8) will never read the private keys, but ssh(1) does;
     hugh@mimosa.com
2001-07-04 03:35:24 +00:00
Ben Lindstrom
90fd060bc8 - deraadt@cvs.openbsd.org 2001/06/23 05:57:09
[sftp.1 sftp-server.8 ssh-keygen.1]
     ok, tmac is now fixed
2001-06-25 04:45:33 +00:00
Ben Lindstrom
b710f788f1 - deraadt@cvs.openbsd.org 2001/06/23 02:33:05
[sftp.1 sftp-server.8 ssh-keygen.1]
     join .%A entries; most by bk@rt.fm
2001-06-25 04:32:38 +00:00
Ben Lindstrom
f96704d4ef - markus@cvs.openbsd.org 2001/06/22 21:55:49
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
      ssh-keygen.1]
     merge authorized_keys2 into authorized_keys.
     authorized_keys2 is used for backward compat.
     (just append authorized_keys2 to authorized_keys).
2001-06-25 04:17:12 +00:00
Ben Lindstrom
2a097a4543 - markus@cvs.openbsd.org 2001/06/03 19:36:44
[ssh-keygen.1]
     1-2 bits of entrophy per character (not per word), ok stevesk@
2001-06-09 01:13:40 +00:00
Ben Lindstrom
aafff9cc76 - stevesk@cvs.openbsd.org 2001/05/05 13:42:52
[sftp.1 ssh-add.1 ssh-keygen.1]
     typos, grammar
2001-05-06 03:01:02 +00:00
Ben Lindstrom
46c264f2ae - markus@cvs.openbsd.org 2001/04/23 21:57:07
[ssh-keygen.1 ssh-keygen.c]
     allow public key for -e, too
2001-04-24 16:56:58 +00:00
Ben Lindstrom
c65e6a0fec - markus@cvs.openbsd.org 2001/04/22 23:58:36
[ssh-keygen.1 ssh.1 sshd.8]
     document hostbased and other cleanup
2001-04-23 13:02:16 +00:00
Ben Lindstrom
2857d9cf77 - markus@cvs.openbsd.org 2001/04/22 13:41:02
[ssh-keygen.1 ssh-keygen.c]
     style, noted by stevesk; sort flags in usage
2001-04-22 17:19:46 +00:00
Ben Lindstrom
5a70782576 - markus@cvs.openbsd.org 2001/04/22 13:25:37
[ssh-keygen.1 ssh-keygen.c]
     rename arguments -x -> -e (export key), -X -> -i (import key)
     xref draft-ietf-secsh-publickeyfile-01.txt
2001-04-22 17:15:46 +00:00
Ben Lindstrom
18a82ac029 - itojun@cvs.openbsd.org 2001/04/10 09:13:22
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     document id_rsa{.pub,}.  markus ok
2001-04-11 15:59:35 +00:00
Ben Lindstrom
8fd372b194 - markus@cvs.openbsd.org 2001/03/11 22:33:24
[ssh-keygen.1 ssh-keygen.c]
     remove -v again. use -B instead for bubblebabble. make -B consistent
     with -l and make -B work with /path/to/known_hosts. ok deraadt@
2001-03-12 03:02:17 +00:00
Ben Lindstrom
a8a73e62ed - jakob@cvs.openbsd.org 2001/03/11 15:04:16
[ssh-keygen.1 ssh-keygen.c]
     print both md5, sha1 and bubblebabble fingerprints when using
     ssh-keygen -l -v. ok markus@.
2001-03-11 20:05:19 +00:00
Ben Lindstrom
92a2e38f8e - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
      scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
      ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
     make copyright lines the same format
2001-03-05 06:59:27 +00:00
Ben Lindstrom
7ab5117367 - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
[ssh-keygen.1 ssh-keygen.c]
     bye bye -d
2001-03-05 05:13:38 +00:00
Ben Lindstrom
b7c9232da1 - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
[ssh-keygen.1 ssh-keygen.c]
     document -d, and -t defaults to rsa1
2001-03-05 05:10:52 +00:00