On Tue, Sep 02, 2014 at 04:11:52PM -0700, Eitan Adler wrote: > On 2 September 2014 15:52, Aidan Feldman <aidan.feldman@xxxxxxxxx> > wrote: > > I am going to preface this email by saying that I know very little > > about OpenSSH internals, the protocol, etc. > > > > I do a lot of work with novice programmers, and one step that comes > > up relatively early is generating SSH keys. In case you haven't > > done it in a while, the output looks like this: > > > > $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter > > file in which to save the key (/Users/aidan/.ssh/id_rsa): Enter > > passphrase (empty for no passphrase): > > > > When that last step comes up, I am regularly asked, "Does it mean > > the system password, or a new one?" A slight tweak of the language > > could easily eliminate that confusion... something like "Enter > > passphrase for the new key" or "Enter new passphrase". > > Perhaps "Enter new passphrase to encrypt the key (empty for no > encryption):" > > This makes it clear that it needs to be a new phrase, and what it will > be used for. You might also consider helping your users get into the good habit of reading documentation. Not all software suites have good docs but OpenSSH does a pretty job of it. Take for example this excerpt from the ssh-keygen manpage: "The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. A passphrase is similar to a password, except it can be a phrase with a series of words, punctuation, numbers..." --mancha
Attachment:
pgphObZZ7INTD.pgp
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev