Bug 2904 - ssh-keygen -m is accepted also for key generation
Summary: ssh-keygen -m is accepted also for key generation
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 7.7p1
Hardware: Other Linux
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_8_0
  Show dependency treegraph
 
Reported: 2018-09-13 22:02 AEST by Jakub Jelen
Modified: 2021-04-23 14:55 AEST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jakub Jelen 2018-09-13 22:02:39 AEST 
Then -m switch was used only for the key import and export, but for some time, it can be also used for key generation. This is important mostly after the key format change to OpenSSH when one needs a interoperability with tools not supporting this format.

 * Add the -m to the first synopsis line:

    ssh-keygen [-q] [-m key_format] [-b bits] [-t dsa | ecdsa | ed25519 | rsa] [-N new_passphrase] [-C comment] [-f output_keyfile]

 * Change the description of the -m option to

    Specify a key format for the -i (import), -e (export) conversion options or -m (key generation) option.
Comment 1 Jakub Jelen 2018-09-21 23:49:16 AEST 
The -m switch is also accepted for the passphrase change of ssh-keygen, which is not documented either.

With the light of the new OpenSSH key format by default, the manual page for the ssh-keygen should be updated with some simple hint how to convert PEM to OpenSSH and back, since this is pretty common requirement, but the manual page is not helpful in this way -- the -i nor -e do not work and only way I found that worked for me was changing passphrase to convert to new key format (or old one).
Comment 2 Damien Miller 2019-01-22 22:41:03 AEDT 
I've committed some manpage tweaks for these
Comment 3 Damien Miller 2021-04-23 14:55:00 AEST 
closing resolved bugs as of 8.6p1 release