From: dtucker@openbsd.org Date: Tue, 17 Nov 2020 11:23:58 +0000 (+0000) Subject: upstream: Specify that the KDF function is bcrypt. Based on github X-Git-Tag: V_8_5_P1~192 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=85cceda21f1471548e04111aefe2c4943131c1c8;p=thirdparty%2Fopenssh-portable.git upstream: Specify that the KDF function is bcrypt. Based on github PR#214 from rafork, ok markus@, mdoc correction jmc@ OpenBSD-Commit-ID: d8f2853e7edbcd483f31b50da77ab80ffa18b4ef --- diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 96957acf5..e09d6475e 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.210 2020/10/26 00:39:04 dtucker Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.211 2020/11/17 11:23:58 dtucker Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: October 26 2020 $ +.Dd $Mdocdate: November 17 2020 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -274,7 +274,9 @@ This is used by to generate new host keys. .It Fl a Ar rounds When saving a private key, this option specifies the number of KDF -(key derivation function) rounds used. +(key derivation function, currently +.Xr bcrypt_pbkdf 3 ) +rounds used. Higher numbers result in slower passphrase verification and increased resistance to brute-force password cracking (should the keys be stolen). The default is 16 rounds.
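Review bot: In the ssh-keygen.1 hunk for "-a rounds", the added line ".Xr bcrypt_pbkdf 3 )" is a cross-reference to a section 3 manual page, and the X-Git-Url shows this is the openssh-portable tree, so on a platform that does not install that page the reference leads nowhere. Consider naming the algorithm in running text as well as in the .Xr, so a reader learns which KDF protects the key even without the page. The word "currently" also signals that the KDF may change, so it would help to state that the default in the following context line ("The default is 16 rounds.") applies to this KDF, since a round count is not comparable across different functions.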