pkcs#11 is no longer optional; improve wording; ok jmc@

5 files changed, 18 insertions, 22 deletions

diff --git a/usr.bin/ssh/ssh-add.1 b/usr.bin/ssh/ssh-add.1
index 619209a19d5..0d5e39272f0 100644
--- a/usr.bin/ssh/ssh-add.1
+++ b/usr.bin/ssh/ssh-add.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.50 2010/02/08 22:03:05 jmc Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.51 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
@@ -102,7 +102,7 @@ will append
 .Pa .pub
 and retry.
 .It Fl e Ar pkcs11
-Remove key provided by
+Remove keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl L
 Lists public key parameters of all identities currently represented
@@ -110,7 +110,7 @@ by the agent.
 .It Fl l
 Lists fingerprints of all identities currently represented by the agent.
 .It Fl s Ar pkcs11
-Add key provided by
+Add keys provided by the PKCS#11 shared library
 .Ar pkcs11 .
 .It Fl t Ar life
 Set a maximum lifetime when adding identities to an agent.
diff --git a/usr.bin/ssh/ssh-keygen.1 b/usr.bin/ssh/ssh-keygen.1
index c0c323640ac..f09e1a1009b 100644
--- a/usr.bin/ssh/ssh-keygen.1
+++ b/usr.bin/ssh/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.82 2010/02/08 22:03:05 jmc Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.83 2010/02/10 23:20:38 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -37,7 +37,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 8 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -199,9 +199,8 @@ This operation is only supported for RSA1 keys.
 The program will prompt for the file containing the private keys, for
 the passphrase if the key has one, and for the new comment.
 .It Fl D Ar pkcs11
-Download the RSA public keys stored in the
-.Ar pkcs11
-provider.
+Download the RSA public keys provided by the PKCS#11 shared library
+.Ar pkcs11 .
 .It Fl e
 This option will read a private or public OpenSSH key file and
 print the key in
diff --git a/usr.bin/ssh/ssh-pkcs11-helper.8 b/usr.bin/ssh/ssh-pkcs11-helper.8
index 914983fad15..9bdaadc0151 100644
--- a/usr.bin/ssh/ssh-pkcs11-helper.8
+++ b/usr.bin/ssh/ssh-pkcs11-helper.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.2 2010/02/09 08:27:16 markus Exp $
+.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.3 2010/02/10 23:20:38 markus Exp $
 .\"
 .\" Copyright (c) 2010 Markus Friedl.  All rights reserved.
 .\"
@@ -14,19 +14,19 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: February 9 2010 $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH-PKCS11-HELPER 8
 .Os
 .Sh NAME
 .Nm ssh-pkcs11-helper
-.Nd ssh helper program for PKCS#11 support
+.Nd ssh-agent helper program for PKCS#11 support
 .Sh SYNOPSIS
 .Nm
 .Sh DESCRIPTION
 .Nm
 is used by
 .Xr ssh-agent 1
-to access keys stored on a PKCS#11 token.
+to access keys provided by a PKCS#11 token.
 .Pp
 .Nm
 is not intended to be invoked by the user, but from
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index 4424e1f60bf..8fcc9b56424 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.292 2010/02/08 22:03:05 jmc Exp $
-.Dd $Mdocdate: February 8 2010 $
+.\" $OpenBSD: ssh.1,v 1.293 2010/02/10 23:20:38 markus Exp $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -288,10 +288,8 @@ Allows remote hosts to connect to local forwarded ports.
 .It Fl I Ar pkcs11
 Specify the PKCS#11 shared libarary
 .Nm
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-This option is only available if support for PKCS#11
-is compiled in (default is no support).
 .It Fl i Ar identity_file
 Selects a file from which the identity (private key) for
 RSA or DSA authentication is read.
diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5
index 350a8eacd94..7ab5d02fdf6 100644
--- a/usr.bin/ssh/ssh_config.5
+++ b/usr.bin/ssh/ssh_config.5
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.127 2010/02/08 10:50:20 markus Exp $
-.Dd $Mdocdate: February 8 2010 $
+.\" $OpenBSD: ssh_config.5,v 1.128 2010/02/10 23:20:38 markus Exp $
+.Dd $Mdocdate: February 10 2010 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -715,9 +715,8 @@ The default is
 Specifies which PKCS#11 provider to use.
 The argument to this keyword is the PKCS#11 shared libary
 .Xr ssh 1
-should use to communicate with a PKCS#11 token used for storing the user's
+should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
-By default, no device is specified and PKCS#11 support is not activated.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 The default is 22.