Lines Matching full:may

215 Additionally, the system administrator may use this to generate host keys,
225 The passphrase may be empty to indicate no passphrase
226 (host keys must have an empty passphrase), or it may be a string of
249 The key comment may be useful to help identify the key.
261 This may be used when generating new keys, and existing new-format
262 keys may be converted using this option in conjunction with the
347 This option is useful to find hashed host names or addresses and may also be
364 These hashes may be used normally by
409 Keys/certificates to be revoked may be specified by public key file or
438 The results of this operation may be added to the
452 The latter may be used to convert between OpenSSH private key and PEM
474 Multiple principals may be specified, separated by commas.
486 section may be specified here.
491 section may be specified.
495 section may be specified.
514 The time may be specified as a date or time in the YYYYMMDD[Z] or
538 option may be specified multiple times.
593 This flag may also be used to specify the desired signature type when
620 A validity interval may consist of a single time, indicating that the
621 certificate is valid beginning now and expiring at that time, or may consist
624 The start time may be specified as:
646 The end time may be specified similarly to the start time:
681 Valid from roughly early 1970 to May 2033.
750 option and may refer to either a private key, or a public key with the private
758 Namespaces are arbitrary strings, and may include:
787 The revocation file may be a KRL or a one-per-line list of public keys.
797 The list of available ciphers may be obtained using
828 The desired length of the primes may be specified by the
837 This may be overridden using the
843 This may be performed using the
856 This may be overridden using the
861 If a specific generator is desired, it may be requested using the
866 Screened DH groups may be installed in
895 supports signing of keys to produce certificates that may be used for
900 Clients or servers may then trust only the CA key and verify its signature
947 Certificates may be limited to be valid for a set of principal (user/host)
955 Additional limitations on the validity and use of user certificates may
957 A certificate option may disable features of the SSH session, may be
958 valid only when presented from particular source addresses or may
966 This is useful for clearing the default set of permissions so permissions may
981 Extensions may be ignored by a client or server that does not recognise them,
1054 but other methods may be supported in the future.
1059 Finally, certificates may be defined with a validity lifetime.
1078 they may be used much like any other key type supported by OpenSSH, so
1098 This may be useful when generating host or domain-specific resident keys.
1104 The challenge string may be used as part of an out-of-band
1122 Resident keys may be supported on FIDO2 authenticators and typically
1124 Resident keys may be loaded off the authenticator using
1131 Specifying a username may be useful when generating multiple resident keys
1138 but other methods may be supported in the future.
1152 KRLs may be generated using the
1157 The files may either contain a KRL specification (see below) or public keys,
1164 types of record used to revoke keys and may be used to directly revoke
1172 Serial numbers are 64-bit values, not including zero and may be expressed
1208 KRLs may be updated using the
1255 that certificates signed by this CA may be accepted for verification.
1263 which may be a date or time in the YYYYMMDD[Z] or YYYYMMDDHHMM[SS][Z] formats.