diff options
| author | Damien Miller <djm@mindrot.org> | 2014-02-04 11:09:12 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-02-04 11:09:12 +1100 |
| commit | f8f35bc471500348bb262039fb1fc43175d251b0 (patch) | |
| tree | 5298c009644bed533fbd05fd1161b5a120310be5 | |
| parent | 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787 (diff) | |
- jmc@cvs.openbsd.org 2014/01/28 14:13:39
[ssh-keyscan.1]
kill some bad Pa;
From: Jan Stary
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | ssh-keyscan.1 | 28 |
2 files changed, 18 insertions, 14 deletions
@@ -10,6 +10,10 @@ - markus@cvs.openbsd.org 2014/01/27 20:13:46 [digest.c digest-openssl.c digest-libc.c Makefile.in] rename digest.c to digest-openssl.c and add libc variant; ok djm@ + - jmc@cvs.openbsd.org 2014/01/28 14:13:39 + [ssh-keyscan.1] + kill some bad Pa; + From: Jan Stary 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 65ef43ef..dae4fd9f 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.33 2013/12/07 11:58:46 naddy Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.34 2014/01/28 14:13:39 jmc Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. .\" @@ -6,7 +6,7 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd $Mdocdate: December 7 2013 $ +.Dd $Mdocdate: January 28 2014 $ .Dt SSH-KEYSCAN 1 .Os .Sh NAME @@ -56,14 +56,16 @@ Forces to use IPv6 addresses only. .It Fl f Ar file Read hosts or -.Pa addrlist namelist -pairs from this file, one per line. +.Dq addrlist namelist +pairs from +.Ar file , +one per line. If .Pa - is supplied instead of a filename, .Nm will read hosts or -.Pa addrlist namelist +.Dq addrlist namelist pairs from the standard input. .It Fl H Hash all hostnames and addresses in the output. @@ -78,7 +80,7 @@ Port to connect to on the remote host. .It Fl T Ar timeout Set the timeout for connection attempts. If -.Pa timeout +.Ar timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. @@ -117,23 +119,23 @@ On the other hand, if the security model allows such a risk, can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created. .Sh FILES -.Pa Input format: +Input format: .Bd -literal 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 .Ed .Pp -.Pa Output format for rsa1 keys: +Output format for rsa1 keys: .Bd -literal host-or-namelist bits exponent modulus .Ed .Pp -.Pa Output format for rsa, dsa and ecdsa keys: +Output format for rsa, dsa and ecdsa keys: .Bd -literal host-or-namelist keytype base64-encoded-key .Ed .Pp Where -.Pa keytype +.Ar keytype is either .Dq ecdsa-sha2-nistp256 , .Dq ecdsa-sha2-nistp384 , @@ -145,10 +147,8 @@ or .Pp .Pa /etc/ssh/ssh_known_hosts .Sh EXAMPLES -Print the -.Pa rsa -host key for machine -.Pa hostname : +Print the rsa host key for machine +.Ar hostname : .Bd -literal $ ssh-keyscan hostname .Ed |