From e85b159d87b6b25a1d475b079902a708d7da1e9a Mon Sep 17 00:00:00 2001 From: Jacob Nevins Date: Mon, 2 Mar 2020 23:36:09 +0000 Subject: [PATCH] Minimally document key generation novelties. Covers Ed448 (and the user interface change to "EdDSA"), and the prime generation method. (Both of these need better words, really.) --- doc/config.but | 5 ++++- doc/index.but | 9 +++++++++ doc/man-pg.but | 20 +++++++++++++++----- doc/pubkey.but | 29 +++++++++++++++++++++++++---- 4 files changed, 53 insertions(+), 10 deletions(-) diff --git a/doc/config.but b/doc/config.but index cdc71d7c..355ef8bc 100644 --- a/doc/config.but +++ b/doc/config.but @@ -2534,9 +2534,12 @@ Configuration is similar to cipher selection (see PuTTY currently supports the following host key types: -\b \q{Ed25519}: \i{Edwards-curve} \i{DSA} using a twisted Edwards +\b \q{\i{Ed25519}}: \I{EdDSA}Edwards-curve DSA using a twisted Edwards curve with modulus \cw{2^255-19}. +\b \q{\i{Ed448}}: another \I{EdDSA}Edwards-curve DSA type. +\#{XXX-REVIEW-BEFORE-RELEASE: better description} + \b \q{ECDSA}: \i{elliptic curve} \i{DSA} using one of the NIST-standardised elliptic curves. diff --git a/doc/index.but b/doc/index.but index cd68d504..da6d083a 100644 --- a/doc/index.but +++ b/doc/index.but @@ -795,6 +795,9 @@ saved sessions from \IM{DSA} DSA \IM{DSA} Digital Signature Standard +\IM{EdDSA} EdDSA +\IM{EdDSA} Edwards-curve DSA + \IM{public-key algorithm} public-key algorithm \IM{public-key algorithm} asymmetric key algorithm \IM{public-key algorithm} algorithm, public-key @@ -805,6 +808,12 @@ saved sessions from \IM{generating keys} public keys, generating \IM{generating keys} private keys, generating +\IM{probable primes} probable primes +\IM{probable primes} primes, probable + +\IM{proven primes} proven primes +\IM{proven primes} primes, proven + \IM{authorized_keys file}{authorized_keys} \cw{authorized_keys} file \IM{key fingerprint} fingerprint, of SSH authentication key 
diff --git a/doc/man-pg.but b/doc/man-pg.but index 7e244d15..20f52983 100644 --- a/doc/man-pg.but +++ b/doc/man-pg.but @@ -8,8 +8,8 @@ \S{puttygen-manpage-synopsis} SYNOPSIS -\c puttygen ( keyfile | -t keytype [ -b bits ] ) -\e bbbbbbbb iiiiiii bb iiiiiii bb iiii +\c puttygen ( keyfile | -t keytype [ -b bits ] [ --primes method ] ) +\e bbbbbbbb iiiiiii bb iiiiiii bb iiii bbbbbbbb iiiiii \c [ -C new-comment ] [ -P ] [ -q ] \e bb iiiiiiiiiii bb bb \c [ -O output-type | -l | -L | -p ] @@ -63,12 +63,22 @@ OpenSSH format, or the standard SSH-1 format. \dt \cw{\-t} \e{keytype} \dd Specify a type of key to generate. The acceptable values here are -\c{rsa}, \c{dsa}, \c{ecdsa}, and \c{ed25519} (to generate SSH-2 keys), -and \c{rsa1} (to generate SSH-1 keys). +\c{rsa}, \c{dsa}, \c{ecdsa}, \c{eddsa}, \c{ed25519}, and \c{ed448} +(to generate SSH-2 keys), and \c{rsa1} (to generate SSH-1 keys). \dt \cw{\-b} \e{bits} -\dd Specify the size of the key to generate, in bits. Default is 2048. +\dd Specify the size of the key to generate, in bits. Default for +\c{rsa} and \c{dsa} keys is 2048. + +\dt \cw{\-\-primes} \e{method} + +\dd Method for generating prime numbers. The acceptable values here +are \c{probable} (the default), \c{proven}, and \c{proven-even}; the +the later methods are slower. (Various synonyms for these method +names are also accepted.) +\#{XXX-REVIEW-BEFORE-RELEASE: explain in more detail why you would +want to fiddle with this} \dt \cw{\-q} diff --git a/doc/pubkey.but b/doc/pubkey.but index 9a360e72..2d9c9019 100644 --- a/doc/pubkey.but +++ b/doc/pubkey.but 
@@ -64,7 +64,7 @@ The key types supported by PuTTY are described in \k{puttygen-keytype}. PuTTYgen is a key generator. It \I{generating keys}generates pairs of public and private keys to be used with PuTTY, PSCP, and Plink, as well as the PuTTY authentication agent, Pageant (see \k{pageant}). PuTTYgen -generates RSA, DSA, ECDSA, and Ed25519 keys. +generates RSA, DSA, ECDSA, and EdDSA keys. When you run PuTTYgen you will see a window where you have two main choices: \q{Generate}, to generate a new public/private key pair, or @@ -117,8 +117,8 @@ different key types. PuTTYgen can generate: \b An \i{ECDSA} (\i{elliptic curve} DSA) key for use with the SSH-2 protocol. -\b An \i{Ed25519} key (another elliptic curve algorithm) for use -with the SSH-2 protocol. +\b An \i{EdDSA} key (Edwards-curve DSA, another elliptic curve +algorithm) for use with the SSH-2 protocol. PuTTYgen can also generate an RSA key suitable for use with the old SSH-1 protocol (which only supports RSA); for this, you need to select 
@@ -137,7 +137,28 @@ of the key PuTTYgen will generate. \b For ECDSA, only 256, 384, and 521 bits are supported. (ECDSA offers equivalent security to RSA with smaller key sizes.) -\b For Ed25519, the only valid size is 256 bits. +\b For EdDSA, the only valid sizes are 255 bits (these keys are also +known as \q{\i{Ed25519}} and are commonly used) and 448 bits +(\q{\i{Ed448}}, which is much less common at the time of writing). +(256 is also accepted for backward compatibility, but the effect is +the same as 255.) + +\S{puttygen-primes} Selecting the \i{prime generation method} + +On the \q{Key} menu, you can also optionally change the method for +generating the prime numbers used in the generated key. This affects +the quality of the key, but not its compatibility. The default method +is usually fine. The available methods are: + +\b Use \i{probable primes} (fast) + +\b Use \i{proven primes} (slower) + +\b Use proven primes with even distribution (slowest) + +\#{XXX-REVIEW-BEFORE-RELEASE: really need more words here, about why +you'd fiddle with this, and particularly around why 'probable' is ever +considered fine} \S{puttygen-generate} The \q{Generate} button
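Review bot: the new Ed448 bullet in the doc/config.but hunk goes out with a "\#{XXX-REVIEW-BEFORE-RELEASE: better description}" placeholder, and the wording "\q{\i{Ed448}}: another \I{EdDSA}Edwards-curve DSA type" gives the reader nothing that distinguishes it from the Ed25519 entry immediately above it. Suggest giving it the same shape as that entry, naming the curve and its modulus (2^448-2^224-1 for Ed448) the way the Ed25519 bullet gives "\cw{2^255-19}", and removing the placeholder before release so the reminder does not outlive the change it was attached to.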
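Review bot: in the doc/man-pg.but "\cw{\-t}" hunk, "\c{eddsa}" is listed beside "\c{ed25519}" and "\c{ed448}" without saying what a bare "\c{eddsa}" produces, so the reader has to guess whether it is a synonym for one of the two or selects the curve from "\cw{\-b}". The reworded "\cw{\-b}" entry compounds this: "Default for \c{rsa} and \c{dsa} keys is 2048." now leaves the ECDSA and EdDSA defaults unstated, even though the doc/pubkey.but hunk in this same patch spells out the valid sizes (256, 384 and 521 for ECDSA; 255 and 448 for EdDSA, with 256 accepted as an alias of 255). Suggest the man page say which size is chosen for those types when "\cw{\-b}" is omitted, and that for EdDSA the bit count is what selects Ed25519 versus Ed448.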
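Review bot: typo in the new "\cw{\-\-primes}" entry of doc/man-pg.but: "the the later methods are slower" should read "the latter methods are slower" (a duplicated "the", and "later" for "latter"). The entry also never says which key types the option affects; only the RSA and DSA key types involve generating primes, so a sentence such as "(Only relevant to \c{rsa}, \c{dsa} and \c{rsa1} keys.)" would stop "\c{ecdsa}" and "\c{eddsa}" users from wondering why the option changes nothing for them. The "XXX-REVIEW-BEFORE-RELEASE" comment that follows is the author's own marker that this entry is unfinished and should not ship as is.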
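Review bot: the new "\S{puttygen-primes}" section in doc/pubkey.but states "This affects the quality of the key, but not its compatibility." and then lists the three methods with nothing but speed labels, which is exactly the gap its own closing "XXX-REVIEW-BEFORE-RELEASE" comment flags. For the release text, suggest explaining that the default accepts candidates that pass probabilistic primality tests, so there is a small and deliberately negligible chance that a candidate is not actually prime (that bound is why "probable" is considered fine in practice), that the "proven" options instead produce a primality proof at the cost of generation time, and what distribution the "even distribution" variant evens out, rather than leaving readers to infer it from the label. It would also help to say here, as in the man page, that the choice only matters for RSA and DSA keys, since ECDSA and EdDSA key generation involves no random primes.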