X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Fman-pg.but;h=b6e4ef2c11bc1ea560a24491454b12d60998ae5e;hb=145ecf611238c4f1e39d89d3eee40319a2c54fe8;hp=f0cb89b43a16bb09111a9b820a80dab52c235252;hpb=588e4168c87731b1bee11f75bb88ffba38cd209c;p=PuTTY.git diff --git a/doc/man-pg.but b/doc/man-pg.but index f0cb89b4..b6e4ef2c 100644 --- a/doc/man-pg.but +++ b/doc/man-pg.but @@ -37,7 +37,11 @@ the following section. \S{puttygen-manpage-options} OPTIONS In the first phase, \c{puttygen} either loads or generates a key. -The options to control this are: +Note that generating a key requires random data (from +\c{/dev/random}), which can cause \c{puttygen} to pause, possibly for +some time if your system does not have much randomness available. + +The options to control this phase are: \dt \e{keyfile} @@ -49,17 +53,24 @@ OpenSSH and ssh.com's implementation. \dt \cw{\-t} \e{keytype} \dd Specify a type of key to generate. The acceptable values here are -\c{rsa} and \c{dsa} (to generate SSH-2 keys), and \c{rsa1} (to -generate SSH-1 keys). +\c{rsa}, \c{dsa}, \c{ecdsa}, and \c{ed25519} (to generate SSH-2 keys), +and \c{rsa1} (to generate SSH-1 keys). \dt \cw{\-b} \e{bits} -\dd Specify the size of the key to generate, in bits. Default is 1024. +\dd Specify the size of the key to generate, in bits. Default is 2048. \dt \cw{\-q} \dd Suppress the progress display when generating a new key. +\dt \cw{\-\-old\-passphrase} \e{file} + +\dd Specify a file name; the first line will be read from this file +(removing any trailing newline) and used as the old passphrase. +\s{CAUTION:} If the passphrase is important, the file should be stored +on a temporary filesystem or else securely erased after use. + In the second phase, \c{puttygen} optionally alters properties of the key it has loaded or generated. The options to control this are: @@ -95,8 +106,8 @@ be the standard SSH-1 key format, or PuTTY's own SSH-2 key format. \dd Save the public key only. For SSH-1 keys, the standard public key format will be used (\q{\cw{1024 37 5698745}...}). For SSH-2 keys, the -public key will be output in the format specified in the IETF -drafts, which is a multi-line text file beginning with the line +public key will be output in the format specified by RFC 4716, +which is a multi-line text file beginning with the line \q{\cw{---- BEGIN SSH2 PUBLIC KEY ----}}. \dt \cw{public-openssh} @@ -113,9 +124,15 @@ algorithms are believed compatible with OpenSSH. \dt \cw{private-openssh} -\dd Save an SSH-2 private key in OpenSSH's format. This option is not +\dd Save an SSH-2 private key in OpenSSH's format, using the oldest +format available to maximise backward compatibility. This option is not permitted for SSH-1 keys. +\dt \cw{private-openssh-new} + +\dd As \c{private-openssh}, except that it forces the use of OpenSSH's +newer format even for RSA, DSA, and ECDSA keys. + \dt \cw{private-sshcom} \dd Save an SSH-2 private key in ssh.com's format. This option is not @@ -146,6 +163,14 @@ fingerprint. Otherwise, the \c{\-o} option is required. \dd Synonym for \q{\cw{-O public}}. +\dt \cw{\-\-new\-passphrase} \e{file} + +\dd Specify a file name; the first line will be read from this file +(removing any trailing newline) and used as the new passphrase. If the +file is empty then the saved key will be unencrypted. \s{CAUTION:} If +the passphrase is important, the file should be stored on a temporary +filesystem or else securely erased after use. + The following options do not run PuTTYgen as normal, but print informational messages and then quit: @@ -169,9 +194,9 @@ To generate an SSH-2 RSA key pair and save it in PuTTY's own format \c puttygen -t rsa -C "my home key" -o mykey.ppk -To generate a larger (2048-bit) key: +To generate a larger (4096-bit) key: -\c puttygen -t rsa -b 2048 -C "my home key" -o mykey.ppk +\c puttygen -t rsa -b 4096 -C "my home key" -o mykey.ppk To change the passphrase on a key (you will be prompted for the old and new passphrases): @@ -200,8 +225,3 @@ To add the OpenSSH-format public half of a key to your authorised keys file: \c puttygen -L mykey.ppk >> $HOME/.ssh/authorized_keys - -\S{puttygen-manpage-bugs} BUGS - -There's currently no way to supply passphrases in batch mode, or -even just to specify that you don't want a passphrase at all.