From owner-freebsd-current@FreeBSD.ORG Wed Feb 19 21:28:16 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 8CC9DCB5; Wed, 19 Feb 2014 21:28:16 +0000 (UTC) Received: from forward9l.mail.yandex.net (forward9l.mail.yandex.net [IPv6:2a02:6b8:0:1819::9]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 45CC21655; Wed, 19 Feb 2014 21:28:16 +0000 (UTC) Received: from smtp3h.mail.yandex.net (smtp3h.mail.yandex.net [84.201.186.20]) by forward9l.mail.yandex.net (Yandex) with ESMTP id 02F37E61027; Thu, 20 Feb 2014 01:28:04 +0400 (MSK) Received: from smtp3h.mail.yandex.net (localhost [127.0.0.1]) by smtp3h.mail.yandex.net (Yandex) with ESMTP id 9B2BC1B435E9; Thu, 20 Feb 2014 01:28:04 +0400 (MSK) Received: from unknown (unknown [178.76.234.16]) by smtp3h.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id Cu3oRduXWN-S4buRccR; Thu, 20 Feb 2014 01:28:04 +0400 (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client certificate not present) X-Yandex-Uniq: 5a73752b-3cea-44c0-bc34-e586c3d78d5a DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1392845284; bh=RX280lHkt1WwPyIC2BDOgApJn1AJSqvAd/4dBvCcXMM=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:CC:Subject: References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=fkwv97CQdpLhLX2I/DDir4XEXGnboC1o9DoKHCAumNQNyjm6V2iXJhWtBHvZivo8G 4uYvwV2XIM7xvEItSILGQ4ce8//IjCk1TsiOPmviOA5xAm/MeFxuta3rSAyisvSucx c3U+BVcTqBfZ01wXuUBF3/VBadnXDuToWrhF8CoQ= Authentication-Results: smtp3h.mail.yandex.net; dkim=pass header.i=@yandex.ru Message-ID: <530521DF.4010205@yandex.ru> Date: Thu, 20 Feb 2014 01:27:59 +0400 From: Ruslan Makhmatkhanov User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 MIME-Version: 1.0 To: Benjamin Kaduk Subject: Re: ssh-keygen -Z References: <53008ECD.2070004@yandex.ru> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Current X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Feb 2014 21:28:16 -0000 Benjamin Kaduk wrote on 17.02.2014 08:56: > On Sun, 16 Feb 2014, Ruslan Makhmatkhanov wrote: > >> Hello, >> >> there is -Z parameter in ssh-keygen --help output, but no mention of >> it in ssh-keygen's man-page. Any clue what values this parameter accept? > > It is the "new-format ciphername", which can be used for RSA keys if the > new format file is being used, and is used for the elliptic curve keys, > if I'm reading things correctly. I guess that would mean that it accepts > things like "chacha20-poly1305@openssh.com" and "aes256-ctr" (see the > table ciphers[] in cipher.c), though I don't know which ones make sense > to pass in there. > > I guess we should ask the OpenBSD folks to document it, the -Z argument > was added to ssh-keygen.c in r1.237 back in December. > > -Ben Thank you for description! -- Regards, Ruslan T.O.S. Of Reality