upstream: Specify that the KDF function is bcrypt. Based on github

PR#214 from rafork, ok markus@, mdoc correction jmc@

OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef

ssh-keygen.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.210 2020/10/26 00:39:04 dtucker Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.211 2020/11/17 11:23:58 dtucker Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: October 26 2020 $
+.Dd $Mdocdate: November 17 2020 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -274,7 +274,9 @@ This is used by
 to generate new host keys.
 .It Fl a Ar rounds
 When saving a private key, this option specifies the number of KDF
-(key derivation function) rounds used.
+(key derivation function, currently
+.Xr bcrypt_pbkdf 3 )
+rounds used.
 Higher numbers result in slower passphrase verification and increased
 resistance to brute-force password cracking (should the keys be stolen).
 The default is 16 rounds.