From 5de3fdc4fc82f56175f52f6e46065f56e858d97c Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 13:54:25 -0500 Subject: [PATCH] fix openpgp2ssh man page to reflect new implementation. --- man/man1/openpgp2ssh.1 | 40 +++++++++++++++++----------------------- 1 file changed, 17 insertions(+), 23 deletions(-) diff --git a/man/man1/openpgp2ssh.1 b/man/man1/openpgp2ssh.1 index 8374a9f..9b0d1a4 100644 --- a/man/man1/openpgp2ssh.1 +++ b/man/man1/openpgp2ssh.1 @@ -28,13 +28,13 @@ fingerprint of the key or subkey desired, but will accept as few as the last 8 digits of the fingerprint as a key ID. .Pp -If the input contains an OpenPGP RSA or DSA public key, it will be -converted to the OpenSSH-style single-line keystring, prefixed with -the key type. This format is suitable (with minor alterations) for +If the input contains an OpenPGP RSA public key, it will be converted +to the OpenSSH-style single-line keystring, prefixed with the key type +(ssh-rsa). This format is suitable (with minor alterations) for insertion into known_hosts files and authorized_keys files. .Pp -If the input contains an OpenPGP RSA or DSA secret key, it will be -converted to the equivalent PEM-encoded private key. +If the input contains an OpenPGP RSA secret key, it will be converted +to the equivalent PEM-encoded private key. .Pp .Nm is part of the @@ -47,15 +47,10 @@ intentional, since ssh attaches no inherent significance to these features. .Pp .Nm -only works with RSA or DSA keys, because those are the -only ones which work with ssh. -.Pp -Assuming a valid key type, though, -.Nm -will produce output for -any requested key. This means, among other things, that it will -happily export revoked keys, unverifiable keys, expired keys, etc. -Make sure you do your own key validation before using this tool! +will produce output for any requested RSA key. This means, among +other things, that it will happily export revoked keys, unverifiable +keys, expired keys, etc. Make sure you do your own key validation +before using this tool! .Sh EXAMPLES .Nm gpg --export-secret-key $KEYID | openpgp2ssh $KEYID | ssh-add -c /dev/stdin .Pp @@ -72,6 +67,14 @@ and this man page were written by Daniel Kahn Gillmor . .Sh BUGS .Nm +only works with RSA keys. DSA keys are the only other key type +available in both OpenPGP and SSH, but they are currently unsupported +by this utility. +.Pp +.Nm +only accepts raw OpenPGP packets on standard input. It does not +accept ASCII-armored input. +.Nm Currently only exports into formats used by the OpenSSH. It should support other key output formats, such as those used by lsh(1) and putty(1). @@ -80,15 +83,6 @@ Secret key output is currently not passphrase-protected. .Pp .Nm currently cannot handle passphrase-protected secret keys on input. -.Pp -Key identifiers consisting of an odd number of hex digits are not -accepted. Users who use a key ID with a standard length of 8, 16, or -40 hex digits should not be affected by this. -.Pp -.Nm -only acts on keys associated with the first primary key -passed in. If you send it more than one primary key, it will silently -ignore later ones. .Sh SEE ALSO .Xr pem2openpgp 1 , .Xr monkeysphere 1 , -- 2.25.1