- stevesk@cvs.openbsd.org 2001/11/21 18:49:14

[ssh-keygen.1] more on passphrase construction; ok markus@
author: Ben Lindstrom <mouring@eviladmin.org> 2001-12-06 16:43:21 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-12-06 16:43:21 +0000
commit: 4e366d5048aeb92c190efa2102cc7ec59e0318fd (patch)
tree: 92dd06b85db01830b67826351926e0983420e6c8 /ssh-keygen.1
parent: 4cbc181983731e5c2a7a3bca2654f6b64b35925d (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 622cb5c99..d8baa43bc 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.50 2001/10/25 21:14:32 markus Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.51 2001/11/21 18:49:14 stevesk Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -111,10 +111,14 @@ The program also asks for a passphrase.
 The passphrase may be empty to indicate no passphrase
 (host keys must have an empty passphrase), or it may be a string of
 arbitrary length.
-Good passphrases are 10-30 characters long and are
+A passphrase is similar to a password, except it can be a phrase with a
+series of words, punctuation, numbers, whitespace, or any string of
+characters you want.
+Good passphrases are 10-30 characters long, are
 not simple sentences or otherwise easily guessable (English
 prose has only 1-2 bits of entropy per character, and provides very bad
-passphrases).
+passphrases), and contain a mix of upper and lowercase letters,
+numbers, and non-alphanumeric characters.
 The passphrase can be changed later by using the
 .Fl p
 option.
author	Ben Lindstrom <mouring@eviladmin.org>	2001-12-06 16:43:21 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-12-06 16:43:21 +0000
commit	4e366d5048aeb92c190efa2102cc7ec59e0318fd (patch)
tree	92dd06b85db01830b67826351926e0983420e6c8 /ssh-keygen.1
parent	4cbc181983731e5c2a7a3bca2654f6b64b35925d (diff)