-.\" $OpenBSD: ssh-keygen.1,v 1.51 2001/11/21 18:49:14 stevesk Exp $
+.\" $OpenBSD: ssh-keygen.1,v 1.55 2002/11/26 02:35:30 stevesk Exp $
.\"
.\" -*- nroff -*-
.\"
.Nm ssh-keygen
.Op Fl q
.Op Fl b Ar bits
-.Op Fl t Ar type
+.Fl t Ar type
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
generates, manages and converts authentication keys for
.Xr ssh 1 .
.Nm
-defaults to generating a RSA1 key for use by SSH protocol version 1.
-Specifying the
+can create RSA keys for use by SSH protocol version 1 and RSA or DSA
+keys for use by SSH protocol version 2. The type of key to be generated
+is specified with the
.Fl t
-option instead creates a key for use by SSH protocol version 2.
+option.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
.It Fl b Ar bits
Specifies the number of bits in the key to create.
Minimum is 512 bits.
-Generally 1024 bits is considered sufficient, and key sizes
-above that no longer improve security but make things slower.
+Generally, 1024 bits is considered sufficient.
The default is 1024 bits.
.It Fl c
Requests changing the comment in the private and public key files.
or
.Dq dsa
for protocol version 2.
-The default is
-.Dq rsa1 .
.It Fl B
Show the bubblebabble digest of specified private or public key file.
.It Fl C Ar comment