Re: ssh-keygen -Z

[Ruslan Makhmatkhanov]

Benjamin Kaduk wrote on 17.02.2014 08:56:

On Sun, 16 Feb 2014, Ruslan Makhmatkhanov wrote:


Hello,

there is -Z parameter in ssh-keygen --help output, but no mention of
it in ssh-keygen's man-page. Any clue what values this parameter accept?


It is the new-format ciphername, which can be used for RSA keys if the
new format file is being used, and is used for the elliptic curve keys,
if I'm reading things correctly. I guess that would mean that it accepts
things like chacha20-poly1...@openssh.com and aes256-ctr (see the
table ciphers[] in cipher.c), though I don't know which ones make sense
to pass in there.

I guess we should ask the OpenBSD folks to document it, the -Z argument
was added to ssh-keygen.c in r1.237 back in December.

-Ben


Thank you for description!

--
Regards,
Ruslan

T.O.S. Of Reality
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org

Re: ssh-keygen -Z

[Benjamin Kaduk]

On Sun, 16 Feb 2014, Ruslan Makhmatkhanov wrote:


Hello,

there is -Z parameter in ssh-keygen --help output, but no mention of it in 
ssh-keygen's man-page. Any clue what values this parameter accept?


It is the new-format ciphername, which can be used for RSA keys if the 
new format file is being used, and is used for the elliptic curve keys, if 
I'm reading things correctly. I guess that would mean that it accepts 
things like chacha20-poly1...@openssh.com and aes256-ctr (see the 
table ciphers[] in cipher.c), though I don't know which ones make sense to 
pass in there.


I guess we should ask the OpenBSD folks to document it, the -Z argument 
was added to ssh-keygen.c in r1.237 back in December.


-Ben
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org