summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordtucker@openbsd.org <dtucker@openbsd.org>2020-11-17 12:23:58 +0100
committerDarren Tucker <dtucker@dtucker.net>2020-11-17 12:34:57 +0100
commit85cceda21f1471548e04111aefe2c4943131c1c8 (patch)
treea0b8020101e7c2f1e4a9908f2c9be5525de4a0cd
parentupstream: revert r1.341; it breaks ProxyJump; reported by sthen@ (diff)
downloadopenssh-85cceda21f1471548e04111aefe2c4943131c1c8.tar.xz
openssh-85cceda21f1471548e04111aefe2c4943131c1c8.zip
upstream: Specify that the KDF function is bcrypt. Based on github
PR#214 from rafork, ok markus@, mdoc correction jmc@ OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef
-rw-r--r--ssh-keygen.18
1 files changed, 5 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 96957acf5..e09d6475e 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keygen.1,v 1.210 2020/10/26 00:39:04 dtucker Exp $
+.\" $OpenBSD: ssh-keygen.1,v 1.211 2020/11/17 11:23:58 dtucker Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: October 26 2020 $
+.Dd $Mdocdate: November 17 2020 $
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
@@ -274,7 +274,9 @@ This is used by
to generate new host keys.
.It Fl a Ar rounds
When saving a private key, this option specifies the number of KDF
-(key derivation function) rounds used.
+(key derivation function, currently
+.Xr bcrypt_pbkdf 3 )
+rounds used.
Higher numbers result in slower passphrase verification and increased
resistance to brute-force password cracking (should the keys be stolen).
The default is 16 rounds.