Lines Matching full:may

214 Additionally, the system administrator may use this to generate host keys,
224 The passphrase may be empty to indicate no passphrase
225 (host keys must have an empty passphrase), or it may be a string of
248 The key comment may be useful to help identify the key.
260 This may be used when generating new keys, and existing new-format
261 keys may be converted using this option in conjunction with the
345 This option is useful to find hashed host names or addresses and may also be
362 These hashes may be used normally by
407 Keys/certificates to be revoked may be specified by public key file or
435 The results of this operation may be added to the
449 The latter may be used to convert between OpenSSH private key and PEM
471 Multiple principals may be specified, separated by commas.
483 section may be specified here.
488 section may be specified.
492 section may be specified.
511 The time may be specified as a date or time in the YYYYMMDD[Z] or
535 option may be specified multiple times.
589 This flag may also be used to specify the desired signature type when
616 A validity interval may consist of a single time, indicating that the
617 certificate is valid beginning now and expiring at that time, or may consist
620 The start time may be specified as:
642 The end time may be specified similarly to the start time:
677 Valid from roughly early 1970 to May 2033.
746 option and may refer to either a private key, or a public key with the private
754 Namespaces are arbitrary strings, and may include:
783 The revocation file may be a KRL or a one-per-line list of public keys.
793 The list of available ciphers may be obtained using
824 The desired length of the primes may be specified by the
833 This may be overridden using the
839 This may be performed using the
852 This may be overridden using the
857 If a specific generator is desired, it may be requested using the
862 Screened DH groups may be installed in
891 supports signing of keys to produce certificates that may be used for
896 Clients or servers may then trust only the CA key and verify its signature
943 Certificates may be limited to be valid for a set of principal (user/host)
951 Additional limitations on the validity and use of user certificates may
953 A certificate option may disable features of the SSH session, may be
954 valid only when presented from particular source addresses or may
962 This is useful for clearing the default set of permissions so permissions may
977 Extensions may be ignored by a client or server that does not recognise them,
1050 but other methods may be supported in the future.
1055 Finally, certificates may be defined with a validity lifetime.
1074 they may be used much like any other key type supported by OpenSSH, so
1094 This may be useful when generating host or domain-specific resident keys.
1100 The challenge string may be used as part of an out-of-band
1118 Resident keys may be supported on FIDO2 authenticators and typically
1120 Resident keys may be loaded off the authenticator using
1127 Specifying a username may be useful when generating multiple resident keys
1134 but other methods may be supported in the future.
1148 KRLs may be generated using the
1153 The files may either contain a KRL specification (see below) or public keys,
1160 types of record used to revoke keys and may be used to directly revoke
1168 Serial numbers are 64-bit values, not including zero and may be expressed
1204 KRLs may be updated using the
1251 that certificates signed by this CA may be accepted for verification.
1259 which may be a date or time in the YYYYMMDD[Z] or YYYYMMDDHHMM[SS][Z] formats.