diff --git a/doc/man-pl.but b/doc/man-pl.but index 2e3013c5..b5c64dc9 100644 --- a/doc/man-pl.but +++ b/doc/man-pl.but @@ -139,7 +139,17 @@ tunnel all their connections. Only works in SSH. \dt \cw{-i} \e{path} -\dd Private key file for authentication. +\dd Private key file for user authentication. + +\dt \cw{\-hostkey} \e{key} + +\dd Specify an acceptable host public key. This option may be specified +multiple times; each key can be either a fingerprint (\cw{99:aa:bb:...}) or +a base64-encoded blob in OpenSSH's one-line format. + +\lcont{ Specifying this option overrides automated host key +management; \e{only} the key(s) specified on the command-line will be +accepted, and the host's key will not be cached. } \dt \cw{-s} diff --git a/doc/man-pscp.but b/doc/man-pscp.but index ae43bb7c..e549279b 100644 --- a/doc/man-pscp.but +++ b/doc/man-pscp.but @@ -93,7 +93,17 @@ commands such as \q{\c{w}}). \dt \cw{-i} \e{path} -\dd Private key file for authentication. +\dd Private key file for user authentication. + +\dt \cw{\-hostkey} \e{key} + +\dd Specify an acceptable host public key. This option may be specified +multiple times; each key can be either a fingerprint (\cw{99:aa:bb:...}) or +a base64-encoded blob in OpenSSH's one-line format. + +\lcont{ Specifying this option overrides automated host key +management; \e{only} the key(s) specified on the command-line will be +accepted, and the host's key will not be cached. } \dt \cw{-scp} diff --git a/doc/man-psft.but b/doc/man-psft.but index 29939b92..a3a1362a 100644 --- a/doc/man-psft.but +++ b/doc/man-psft.but @@ -81,7 +81,17 @@ commands such as \q{\c{w}}). \dt \cw{-i} \e{path} -\dd Private key file for authentication. +\dd Private key file for user authentication. + +\dt \cw{\-hostkey} \e{key} + +\dd Specify an acceptable host public key. This option may be specified +multiple times; each key can be either a fingerprint (\cw{99:aa:bb:...}) or +a base64-encoded blob in OpenSSH's one-line format. + +\lcont{ Specifying this option overrides automated host key +management; \e{only} the key(s) specified on the command-line will be +accepted, and the host's key will not be cached. } \S{psftp-manpage-commands} COMMANDS diff --git a/doc/man-putt.but b/doc/man-putt.but index 4c680121..09d60a79 100644 --- a/doc/man-putt.but +++ b/doc/man-putt.but @@ -219,10 +219,20 @@ pseudo-terminal at the server end. \dt \cw{\-i} \e{keyfile} -\dd Specify a private key file to use for authentication. For SSH-2 +\dd Specify a private key file to use for user authentication. For SSH-2 keys, this key file must be in PuTTY's format, not OpenSSH's or anyone else's. +\dt \cw{\-hostkey} \e{key} + +\dd Specify an acceptable host public key. This option may be specified +multiple times; each key can be either a fingerprint (\cw{99:aa:bb:...}) or +a base64-encoded blob in OpenSSH's one-line format. + +\lcont{ Specifying this option overrides automated host key +management; \e{only} the key(s) specified on the command-line will be +accepted, and the host's key will not be cached. } + \dt \cw{\-sercfg} \e{configuration-string} \dd Specify the configuration parameters for the serial port, in diff --git a/pscp.c b/pscp.c index f63e6b59..e56d760f 100644 --- a/pscp.c +++ b/pscp.c @@ -2253,9 +2253,11 @@ static void usage(void) printf(" -1 -2 force use of particular SSH protocol version\n"); printf(" -4 -6 force use of IPv4 or IPv6\n"); printf(" -C enable compression\n"); - printf(" -i key private key file for authentication\n"); + printf(" -i key private key file for user authentication\n"); printf(" -noagent disable use of Pageant\n"); printf(" -agent enable use of Pageant\n"); + printf(" -hostkey aa:bb:cc:...\n"); + printf(" manually specify a host key (may be repeated)\n"); printf(" -batch disable all interactive prompts\n"); printf(" -unsafe allow server-side wildcards (DANGEROUS)\n"); printf(" -sftp force use of SFTP protocol\n"); diff --git a/psftp.c b/psftp.c index c6ed98e9..3fbd0c43 100644 --- a/psftp.c +++ b/psftp.c @@ -2668,9 +2668,11 @@ static void usage(void) printf(" -1 -2 force use of particular SSH protocol version\n"); printf(" -4 -6 force use of IPv4 or IPv6\n"); printf(" -C enable compression\n"); - printf(" -i key private key file for authentication\n"); + printf(" -i key private key file for user authentication\n"); printf(" -noagent disable use of Pageant\n"); printf(" -agent enable use of Pageant\n"); + printf(" -hostkey aa:bb:cc:...\n"); + printf(" manually specify a host key (may be repeated)\n"); printf(" -batch disable all interactive prompts\n"); cleanup_exit(1); } diff --git a/unix/uxplink.c b/unix/uxplink.c index ee45dc04..ab674afe 100644 --- a/unix/uxplink.c +++ b/unix/uxplink.c @@ -570,9 +570,11 @@ static void usage(void) printf(" -1 -2 force use of particular protocol version\n"); printf(" -4 -6 force use of IPv4 or IPv6\n"); printf(" -C enable compression\n"); - printf(" -i key private key file for authentication\n"); + printf(" -i key private key file for user authentication\n"); printf(" -noagent disable use of Pageant\n"); printf(" -agent enable use of Pageant\n"); + printf(" -hostkey aa:bb:cc:...\n"); + printf(" manually specify a host key (may be repeated)\n"); printf(" -m file read remote command(s) from file\n"); printf(" -s remote command is an SSH subsystem (SSH-2 only)\n"); printf(" -N don't start a shell/command (SSH-2 only)\n"); diff --git a/windows/winplink.c b/windows/winplink.c index 451eff3b..169d6bc8 100644 --- a/windows/winplink.c +++ b/windows/winplink.c @@ -200,9 +200,11 @@ static void usage(void) printf(" -1 -2 force use of particular protocol version\n"); printf(" -4 -6 force use of IPv4 or IPv6\n"); printf(" -C enable compression\n"); - printf(" -i key private key file for authentication\n"); + printf(" -i key private key file for user authentication\n"); printf(" -noagent disable use of Pageant\n"); printf(" -agent enable use of Pageant\n"); + printf(" -hostkey aa:bb:cc:...\n"); + printf(" manually specify a host key (may be repeated)\n"); printf(" -m file read remote command(s) from file\n"); printf(" -s remote command is an SSH subsystem (SSH-2 only)\n"); printf(" -N don't start a shell/command (SSH-2 only)\n");