summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-03-01 13:54:25 -0500
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-03-01 13:54:25 -0500
commit5de3fdc4fc82f56175f52f6e46065f56e858d97c (patch)
tree83ff29679887d697d672b4e32557f575ee0e1736 /man
parent2232cf43eed47ab45c7f39ca66cfbde54a602d59 (diff)
fix openpgp2ssh man page to reflect new implementation.
Diffstat (limited to 'man')
-rw-r--r--man/man1/openpgp2ssh.140
1 files changed, 17 insertions, 23 deletions
diff --git a/man/man1/openpgp2ssh.1 b/man/man1/openpgp2ssh.1
index 8374a9f..9b0d1a4 100644
--- a/man/man1/openpgp2ssh.1
+++ b/man/man1/openpgp2ssh.1
@@ -28,13 +28,13 @@ fingerprint of the key or subkey desired, but
will accept as few as the last 8 digits of the fingerprint as a key
ID.
.Pp
-If the input contains an OpenPGP RSA or DSA public key, it will be
-converted to the OpenSSH-style single-line keystring, prefixed with
-the key type. This format is suitable (with minor alterations) for
+If the input contains an OpenPGP RSA public key, it will be converted
+to the OpenSSH-style single-line keystring, prefixed with the key type
+(ssh-rsa). This format is suitable (with minor alterations) for
insertion into known_hosts files and authorized_keys files.
.Pp
-If the input contains an OpenPGP RSA or DSA secret key, it will be
-converted to the equivalent PEM-encoded private key.
+If the input contains an OpenPGP RSA secret key, it will be converted
+to the equivalent PEM-encoded private key.
.Pp
.Nm
is part of the
@@ -47,15 +47,10 @@ intentional, since ssh attaches no inherent significance to these
features.
.Pp
.Nm
-only works with RSA or DSA keys, because those are the
-only ones which work with ssh.
-.Pp
-Assuming a valid key type, though,
-.Nm
-will produce output for
-any requested key. This means, among other things, that it will
-happily export revoked keys, unverifiable keys, expired keys, etc.
-Make sure you do your own key validation before using this tool!
+will produce output for any requested RSA key. This means, among
+other things, that it will happily export revoked keys, unverifiable
+keys, expired keys, etc. Make sure you do your own key validation
+before using this tool!
.Sh EXAMPLES
.Nm gpg --export-secret-key $KEYID | openpgp2ssh $KEYID | ssh-add -c /dev/stdin
.Pp
@@ -72,6 +67,14 @@ and this man page were written by Daniel Kahn Gillmor
<dkg@fifthhorseman.net>.
.Sh BUGS
.Nm
+only works with RSA keys. DSA keys are the only other key type
+available in both OpenPGP and SSH, but they are currently unsupported
+by this utility.
+.Pp
+.Nm
+only accepts raw OpenPGP packets on standard input. It does not
+accept ASCII-armored input.
+.Nm
Currently only exports into formats used by the OpenSSH.
It should support other key output formats, such as those used by
lsh(1) and putty(1).
@@ -80,15 +83,6 @@ Secret key output is currently not passphrase-protected.
.Pp
.Nm
currently cannot handle passphrase-protected secret keys on input.
-.Pp
-Key identifiers consisting of an odd number of hex digits are not
-accepted. Users who use a key ID with a standard length of 8, 16, or
-40 hex digits should not be affected by this.
-.Pp
-.Nm
-only acts on keys associated with the first primary key
-passed in. If you send it more than one primary key, it will silently
-ignore later ones.
.Sh SEE ALSO
.Xr pem2openpgp 1 ,
.Xr monkeysphere 1 ,