- markus@cvs.openbsd.org 2010/02/10 23:20:38

[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5] pkcs#11 is no longer optional; improve wording; ok jmc@
2010-02-12 09:26:02 +11:00 · 2010-02-12 09:26:02 +11:00 · a761844455
--- a/3
+++ b/3
@ -31,6 +31,9 @@
     [auth.c]
     unbreak ChrootDirectory+internal-sftp by skipping check for executable
     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
+   - markus@cvs.openbsd.org 2010/02/10 23:20:38
+     [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
+     pkcs#11 is no longer optional; improve wording; ok jmc@

 20100210
 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
--- a/ssh-add.1
+++ b/ssh-add.1
@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.50 2010/02/08 22:03:05 jmc Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.51 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@ -102,7 +102,7 @@ will append
 .Pa .pub
 and retry.
 .It Fl e Ar pkcs11
-Remove key provided by
+Remove keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl L
 Lists public key parameters of all identities currently represented
@ -110,7 +110,7 @@ by the agent.
 .It Fl l
 Lists fingerprints of all identities currently represented by the agent.
 .It Fl s Ar pkcs11
-Add key provided by
+Add keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl t Ar life
 Set a maximum lifetime when adding identities to an agent.
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.82 2010/02/08 22:03:05 jmc Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.83 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@ -199,9 +199,8 @@ This operation is only supported for RSA1 keys.
 The program will prompt for the file containing the private keys, for
 the passphrase if the key has one, and for the new comment.
 .It Fl D Ar pkcs11
-Download the RSA public keys stored in the
-.Ar pkcs11
-provider.
+Download the RSA public keys provided by the PKCS#11 shared library
+.Ar pkcs11 .
 .It Fl e
 This option will read a private or public OpenSSH key file and
 print the key in
--- a/ssh.1
+++ b/ssh.1
@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.292 2010/02/08 22:03:05 jmc Exp $
-.Dd $Mdocdate: February 8 2010 $
+.\" $OpenBSD: ssh.1,v 1.293 2010/02/10 23:20:38 markus Exp $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH 1
 .Os
 .Sh NAME
@ -288,10 +288,8 @@ Allows remote hosts to connect to local forwarded ports.
 .It Fl I Ar pkcs11
 Specify the PKCS#11 shared libarary
 .Nm
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-This option is only available if support for PKCS#11
-is compiled in (default is no support).
 .It Fl i Ar identity_file
 Selects a file from which the identity (private key) for
 RSA or DSA authentication is read.
--- a/ssh_config.5
+++ b/ssh_config.5
@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.127 2010/02/08 10:50:20 markus Exp $
-.Dd $Mdocdate: February 8 2010 $
+.\" $OpenBSD: ssh_config.5,v 1.128 2010/02/10 23:20:38 markus Exp $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@ -715,9 +715,8 @@ The default is
 Specifies which PKCS#11 provider to use.
 The argument to this keyword is the PKCS#11 shared libary
 .Xr ssh 1
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-By default, no device is specified and PKCS#11 support is not activated.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 The default is 22.