diff options
Diffstat (limited to 'node_modules/sshpk/man/man1')
| -rw-r--r-- | node_modules/sshpk/man/man1/sshpk-conv.1 | 135 | ||||
| -rw-r--r-- | node_modules/sshpk/man/man1/sshpk-sign.1 | 81 | ||||
| -rw-r--r-- | node_modules/sshpk/man/man1/sshpk-verify.1 | 68 |
3 files changed, 284 insertions, 0 deletions
diff --git a/node_modules/sshpk/man/man1/sshpk-conv.1 b/node_modules/sshpk/man/man1/sshpk-conv.1 new file mode 100644 index 0000000..0887dce --- /dev/null +++ b/node_modules/sshpk/man/man1/sshpk-conv.1 @@ -0,0 +1,135 @@ +.TH sshpk\-conv 1 "Jan 2016" sshpk "sshpk Commands" +.SH NAME +.PP +sshpk\-conv \- convert between key formats +.SH SYNOPSYS +.PP +\fB\fCsshpk\-conv\fR \-t FORMAT [FILENAME] [OPTIONS...] +.PP +\fB\fCsshpk\-conv\fR \-i [FILENAME] [OPTIONS...] +.SH DESCRIPTION +.PP +Reads in a public or private key and converts it between different formats, +particularly formats used in the SSH protocol and the well\-known PEM PKCS#1/7 +formats. +.PP +In the second form, with the \fB\fC\-i\fR option given, identifies a key and prints to +stderr information about its nature, size and fingerprint. +.SH EXAMPLES +.PP +Assume the following SSH\-format public key in \fB\fCid_ecdsa.pub\fR: +.PP +.RS +.nf +ecdsa\-sha2\-nistp256 AAAAE2VjZHNhLXNoYTI...9M/4c4= user@host +.fi +.RE +.PP +Identify it with \fB\fC\-i\fR: +.PP +.RS +.nf +$ sshpk\-conv \-i id_ecdsa.pub +id_ecdsa: a 256 bit ECDSA public key +ECDSA curve: nistp256 +Comment: user@host +Fingerprint: + SHA256:vCNX7eUkdvqqW0m4PoxQAZRv+CM4P4fS8+CbliAvS4k + 81:ad:d5:57:e5:6f:7d:a2:93:79:56:af:d7:c0:38:51 +.fi +.RE +.PP +Convert it to \fB\fCpkcs8\fR format, for use with e.g. OpenSSL: +.PP +.RS +.nf +$ sshpk\-conv \-t pkcs8 id_ecdsa +\-\-\-\-\-BEGIN PUBLIC KEY\-\-\-\-\- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAsA4R6N6AS3gzaPBeLjG2ObSgUsR +zOt+kWJoijLnw3ZMYUKmAx+lD0I5XUxdrPcs1vH5f3cn9TvRvO9L0z/hzg== +\-\-\-\-\-END PUBLIC KEY\-\-\-\-\- +.fi +.RE +.PP +Retrieve the public half of a private key: +.PP +.RS +.nf +$ openssl genrsa 2048 | sshpk\-conv \-t ssh \-c foo@bar +ssh\-rsa AAAAB3NzaC1yc2EAAA...koK7 foo@bar +.fi +.RE +.PP +Convert a private key to PKCS#1 (OpenSSL) format from a new\-style OpenSSH key +format (the \fB\fCssh\-keygen \-o\fR format): +.PP +.RS +.nf +$ ssh\-keygen \-o \-f foobar +\&... +$ sshpk\-conv \-p \-t pkcs1 foobar +\-\-\-\-\-BEGIN RSA PRIVATE KEY\-\-\-\-\- +MIIDpAIBAAKCAQEA6T/GYJndb1TRH3+NL.... +\-\-\-\-\-END RSA PRIVATE KEY\-\-\-\-\- +.fi +.RE +.SH OPTIONS +.TP +\fB\fC\-i, \-\-identify\fR +Instead of converting the key, output identifying information about it to +stderr, including its type, size and fingerprints. +.TP +\fB\fC\-p, \-\-private\fR +Treat the key as a private key instead of a public key (the default). If you +supply \fB\fCsshpk\-conv\fR with a private key and do not give this option, it will +extract only the public half of the key from it and work with that. +.TP +\fB\fC\-f PATH, \-\-file=PATH\fR +Input file to take the key from instead of stdin. If a filename is supplied +as a positional argument, it is equivalent to using this option. +.TP +\fB\fC\-o PATH, \-\-out=PATH\fR +Output file name to use instead of stdout. +.PP +\fB\fC\-T FORMAT, \-\-informat=FORMAT\fR +.TP +\fB\fC\-t FORMAT, \-\-outformat=FORMAT\fR +Selects the input and output formats to be used (see FORMATS, below). +.TP +\fB\fC\-c TEXT, \-\-comment=TEXT\fR +Sets the key comment for the output file, if supported. +.SH FORMATS +.PP +Currently supported formats: +.TP +\fB\fCpem, pkcs1\fR +The standard PEM format used by older OpenSSH and most TLS libraries such as +OpenSSL. The classic \fB\fCid_rsa\fR file is usually in this format. It is an ASN.1 +encoded structure, base64\-encoded and placed between PEM headers. +.TP +\fB\fCssh\fR +The SSH public key text format (the format of an \fB\fCid_rsa.pub\fR file). A single +line, containing 3 space separated parts: the key type, key body and optional +key comment. +.TP +\fB\fCpkcs8\fR +A newer PEM format, usually used only for public keys by TLS libraries such +as OpenSSL. The ASN.1 structure is more generic than that of \fB\fCpkcs1\fR\&. +.TP +\fB\fCopenssh\fR +The new \fB\fCssh\-keygen \-o\fR format from OpenSSH. This can be mistaken for a PEM +encoding but is actually an OpenSSH internal format. +.TP +\fB\fCrfc4253\fR +The internal binary format of keys when sent over the wire in the SSH +protocol. This is also the format that the \fB\fCssh\-agent\fR uses in its protocol. +.SH SEE ALSO +.PP +.BR ssh-keygen (1), +.BR openssl (1) +.SH BUGS +.PP +Encrypted (password\-protected) keys are not supported. +.PP +Report bugs at Github +\[la]https://github.com/arekinath/node-sshpk/issues\[ra] diff --git a/node_modules/sshpk/man/man1/sshpk-sign.1 b/node_modules/sshpk/man/man1/sshpk-sign.1 new file mode 100644 index 0000000..749916b --- /dev/null +++ b/node_modules/sshpk/man/man1/sshpk-sign.1 @@ -0,0 +1,81 @@ +.TH sshpk\-sign 1 "Jan 2016" sshpk "sshpk Commands" +.SH NAME +.PP +sshpk\-sign \- sign data using an SSH key +.SH SYNOPSYS +.PP +\fB\fCsshpk\-sign\fR \-i KEYPATH [OPTION...] +.SH DESCRIPTION +.PP +Takes in arbitrary bytes, and signs them using an SSH private key. The key can +be of any type or format supported by the \fB\fCsshpk\fR library, including the +standard OpenSSH formats, as well as PEM PKCS#1 and PKCS#8. +.PP +The signature is printed out in Base64 encoding, unless the \fB\fC\-\-binary\fR or \fB\fC\-b\fR +option is given. +.SH EXAMPLES +.PP +Signing with default settings: +.PP +.RS +.nf +$ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa +MEUCIAMdLS/vXrrtWFepwe... +.fi +.RE +.PP +Signing in SSH (RFC 4253) format (rather than the default ASN.1): +.PP +.RS +.nf +$ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa \-t ssh +AAAAFGVjZHNhLXNoYTIt... +.fi +.RE +.PP +Saving the binary signature to a file: +.PP +.RS +.nf +$ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa \\ + \-o signature.bin \-b +$ cat signature.bin | base64 +MEUCIAMdLS/vXrrtWFepwe... +.fi +.RE +.SH OPTIONS +.TP +\fB\fC\-v, \-\-verbose\fR +Print extra information about the key and signature to stderr when signing. +.TP +\fB\fC\-b, \-\-binary\fR +Don't base64\-encode the signature before outputting it. +.TP +\fB\fC\-i KEY, \-\-identity=KEY\fR +Select the key to be used for signing. \fB\fCKEY\fR must be a relative or absolute +filesystem path to the key file. Any format supported by the \fB\fCsshpk\fR library +is supported, including OpenSSH formats and standard PEM PKCS. +.TP +\fB\fC\-f PATH, \-\-file=PATH\fR +Input file to sign instead of stdin. +.TP +\fB\fC\-o PATH, \-\-out=PATH\fR +Output file to save signature in instead of stdout. +.TP +\fB\fC\-H HASH, \-\-hash=HASH\fR +Set the hash algorithm to be used for signing. This should be one of \fB\fCsha1\fR, +\fB\fCsha256\fR or \fB\fCsha512\fR\&. Some key types may place restrictions on which hash +algorithms may be used (e.g. ED25519 keys can only use SHA\-512). +.TP +\fB\fC\-t FORMAT, \-\-format=FORMAT\fR +Choose the signature format to use, from \fB\fCasn1\fR, \fB\fCssh\fR or \fB\fCraw\fR (only for +ED25519 signatures). The \fB\fCasn1\fR format is the default, as it is the format +used with TLS and typically the standard in most non\-SSH libraries (e.g. +OpenSSL). The \fB\fCssh\fR format is used in the SSH protocol and by the ssh\-agent. +.SH SEE ALSO +.PP +.BR sshpk-verify (1) +.SH BUGS +.PP +Report bugs at Github +\[la]https://github.com/arekinath/node-sshpk/issues\[ra] diff --git a/node_modules/sshpk/man/man1/sshpk-verify.1 b/node_modules/sshpk/man/man1/sshpk-verify.1 new file mode 100644 index 0000000..f79169d --- /dev/null +++ b/node_modules/sshpk/man/man1/sshpk-verify.1 @@ -0,0 +1,68 @@ +.TH sshpk\-verify 1 "Jan 2016" sshpk "sshpk Commands" +.SH NAME +.PP +sshpk\-verify \- verify a signature on data using an SSH key +.SH SYNOPSYS +.PP +\fB\fCsshpk\-verify\fR \-i KEYPATH \-s SIGNATURE [OPTION...] +.SH DESCRIPTION +.PP +Takes in arbitrary bytes and a Base64\-encoded signature, and verifies that the +signature was produced by the private half of the given SSH public key. +.SH EXAMPLES +.PP +.RS +.nf +$ printf 'foo' | sshpk\-verify \-i ~/.ssh/id_ecdsa \-s MEUCIQCYp... +OK +$ printf 'foo' | sshpk\-verify \-i ~/.ssh/id_ecdsa \-s GARBAGE... +NOT OK +.fi +.RE +.SH EXIT STATUS +.TP +\fB\fC0\fR +Signature validates and matches the key. +.TP +\fB\fC1\fR +Signature is parseable and the correct length but does not match the key or +otherwise is invalid. +.TP +\fB\fC2\fR +The signature or key could not be parsed. +.TP +\fB\fC3\fR +Invalid commandline options were supplied. +.SH OPTIONS +.TP +\fB\fC\-v, \-\-verbose\fR +Print extra information about the key and signature to stderr when verifying. +.TP +\fB\fC\-i KEY, \-\-identity=KEY\fR +Select the key to be used for verification. \fB\fCKEY\fR must be a relative or +absolute filesystem path to the key file. Any format supported by the \fB\fCsshpk\fR +library is supported, including OpenSSH formats and standard PEM PKCS. +.TP +\fB\fC\-s BASE64, \-\-signature=BASE64\fR +Supplies the base64\-encoded signature to be verified. +.TP +\fB\fC\-f PATH, \-\-file=PATH\fR +Input file to verify instead of stdin. +.TP +\fB\fC\-H HASH, \-\-hash=HASH\fR +Set the hash algorithm to be used for signing. This should be one of \fB\fCsha1\fR, +\fB\fCsha256\fR or \fB\fCsha512\fR\&. Some key types may place restrictions on which hash +algorithms may be used (e.g. ED25519 keys can only use SHA\-512). +.TP +\fB\fC\-t FORMAT, \-\-format=FORMAT\fR +Choose the signature format to use, from \fB\fCasn1\fR, \fB\fCssh\fR or \fB\fCraw\fR (only for +ED25519 signatures). The \fB\fCasn1\fR format is the default, as it is the format +used with TLS and typically the standard in most non\-SSH libraries (e.g. +OpenSSL). The \fB\fCssh\fR format is used in the SSH protocol and by the ssh\-agent. +.SH SEE ALSO +.PP +.BR sshpk-sign (1) +.SH BUGS +.PP +Report bugs at Github +\[la]https://github.com/arekinath/node-sshpk/issues\[ra] |