diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ssh-keygen.1 | 10 |
2 files changed, 11 insertions, 4 deletions
@@ -23,6 +23,9 @@ - markus@cvs.openbsd.org 2001/11/21 15:51:24 [key.c] mem leak + - stevesk@cvs.openbsd.org 2001/11/21 18:49:14 + [ssh-keygen.1] + more on passphrase construction; ok markus@ 20011126 - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c, @@ -6945,4 +6948,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1673 2001/12/06 16:41:41 mouring Exp $ +$Id: ChangeLog,v 1.1674 2001/12/06 16:43:21 mouring Exp $ diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 622cb5c99..d8baa43bc 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.50 2001/10/25 21:14:32 markus Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.51 2001/11/21 18:49:14 stevesk Exp $ .\" .\" -*- nroff -*- .\" @@ -111,10 +111,14 @@ The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. -Good passphrases are 10-30 characters long and are +A passphrase is similar to a password, except it can be a phrase with a +series of words, punctuation, numbers, whitespace, or any string of +characters you want. +Good passphrases are 10-30 characters long, are not simple sentences or otherwise easily guessable (English prose has only 1-2 bits of entropy per character, and provides very bad -passphrases). +passphrases), and contain a mix of upper and lowercase letters, +numbers, and non-alphanumeric characters. The passphrase can be changed later by using the .Fl p option. |