diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-11-17 12:23:58 +0100 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2020-11-17 12:34:57 +0100 |
commit | 85cceda21f1471548e04111aefe2c4943131c1c8 (patch) | |
tree | a0b8020101e7c2f1e4a9908f2c9be5525de4a0cd | |
parent | upstream: revert r1.341; it breaks ProxyJump; reported by sthen@ (diff) | |
download | openssh-85cceda21f1471548e04111aefe2c4943131c1c8.tar.xz openssh-85cceda21f1471548e04111aefe2c4943131c1c8.zip |
upstream: Specify that the KDF function is bcrypt. Based on github
PR#214 from rafork, ok markus@, mdoc correction jmc@
OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef
-rw-r--r-- | ssh-keygen.1 | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 96957acf5..e09d6475e 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.210 2020/10/26 00:39:04 dtucker Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.211 2020/11/17 11:23:58 dtucker Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 26 2020 $ +.Dd $Mdocdate: November 17 2020 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -274,7 +274,9 @@ This is used by to generate new host keys. .It Fl a Ar rounds When saving a private key, this option specifies the number of KDF -(key derivation function) rounds used. +(key derivation function, currently +.Xr bcrypt_pbkdf 3 ) +rounds used. Higher numbers result in slower passphrase verification and increased resistance to brute-force password cracking (should the keys be stolen). The default is 16 rounds. |