ssh-keygen -Z
Benjamin Kaduk
bjk at freebsd.org
Mon Feb 17 05:01:15 UTC 2014
On Sun, 16 Feb 2014, Ruslan Makhmatkhanov wrote:
> Hello,
>
> there is -Z parameter in ssh-keygen --help output, but no mention of it in
> ssh-keygen's man-page. Any clue what values this parameter accept?
It is the "new-format ciphername", which can be used for RSA keys if the
new format file is being used, and is used for the elliptic curve keys, if
I'm reading things correctly. I guess that would mean that it accepts
things like "chacha20-poly1305 at openssh.com" and "aes256-ctr" (see the
table ciphers[] in cipher.c), though I don't know which ones make sense to
pass in there.
I guess we should ask the OpenBSD folks to document it, the -Z argument
was added to ssh-keygen.c in r1.237 back in December.
-Ben
More information about the freebsd-current
mailing list