From f8f35bc471500348bb262039fb1fc43175d251b0 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 4 Feb 2014 11:09:12 +1100 Subject: - jmc@cvs.openbsd.org 2014/01/28 14:13:39 [ssh-keyscan.1] kill some bad Pa; From: Jan Stary --- ChangeLog | 4 ++++ ssh-keyscan.1 | 28 ++++++++++++++-------------- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index b8c4eacf..6eb3c93e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,10 @@ - markus@cvs.openbsd.org 2014/01/27 20:13:46 [digest.c digest-openssl.c digest-libc.c Makefile.in] rename digest.c to digest-openssl.c and add libc variant; ok djm@ + - jmc@cvs.openbsd.org 2014/01/28 14:13:39 + [ssh-keyscan.1] + kill some bad Pa; + From: Jan Stary 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 65ef43ef..dae4fd9f 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.33 2013/12/07 11:58:46 naddy Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.34 2014/01/28 14:13:39 jmc Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -6,7 +6,7 @@ .\" permitted provided that due credit is given to the author and the .\" OpenBSD project by leaving this copyright notice intact. .\" -.Dd $Mdocdate: December 7 2013 $ +.Dd $Mdocdate: January 28 2014 $ .Dt SSH-KEYSCAN 1 .Os .Sh NAME @@ -56,14 +56,16 @@ Forces to use IPv6 addresses only. .It Fl f Ar file Read hosts or -.Pa addrlist namelist -pairs from this file, one per line. +.Dq addrlist namelist +pairs from +.Ar file , +one per line. If .Pa - is supplied instead of a filename, .Nm will read hosts or -.Pa addrlist namelist +.Dq addrlist namelist pairs from the standard input. .It Fl H Hash all hostnames and addresses in the output. @@ -78,7 +80,7 @@ Port to connect to on the remote host. .It Fl T Ar timeout Set the timeout for connection attempts. If -.Pa timeout +.Ar timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. @@ -117,23 +119,23 @@ On the other hand, if the security model allows such a risk, can help in the detection of tampered keyfiles or man in the middle attacks which have begun after the ssh_known_hosts file was created. .Sh FILES -.Pa Input format: +Input format: .Bd -literal 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 .Ed .Pp -.Pa Output format for rsa1 keys: +Output format for rsa1 keys: .Bd -literal host-or-namelist bits exponent modulus .Ed .Pp -.Pa Output format for rsa, dsa and ecdsa keys: +Output format for rsa, dsa and ecdsa keys: .Bd -literal host-or-namelist keytype base64-encoded-key .Ed .Pp Where -.Pa keytype +.Ar keytype is either .Dq ecdsa-sha2-nistp256 , .Dq ecdsa-sha2-nistp384 , @@ -145,10 +147,8 @@ or .Pp .Pa /etc/ssh/ssh_known_hosts .Sh EXAMPLES -Print the -.Pa rsa -host key for machine -.Pa hostname : +Print the rsa host key for machine +.Ar hostname : .Bd -literal $ ssh-keyscan hostname .Ed -- cgit v1.2.3