From 1feccafe3e0ff156f6b5f35d9bbb40c002023ed1 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 17 Jun 2017 16:09:16 +0200 Subject: [PATCH] completed 1st paragraph, experimented with formatting for ronn(1) --- Man-page.md | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/Man-page.md b/Man-page.md index 034ee5d..d1fbf8c 100644 --- a/Man-page.md +++ b/Man-page.md @@ -8,20 +8,22 @@ testssl.sh [OPTIONS]... [FILE|URI]... ### DESCRIPTION -testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and much more. +testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as cryptographic flaws and much more. Options are either short or long options. All options requiring a value can be called with or without '=' e.g. ``testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl `` is equivalent to ``testssl.sh --starttls smtp --wide --openssl /usr/bin/openssl ``. Some options can also be preset via ENV variables. ``WIDE=true OPENSSL=/usr/bin/openssl testssl.sh --starttls smtp `` would be the equivalent to the aforementioned examples. Preference has the command line over ENV. \ or \ needs always to be the last parameter. ##### BANNER OPTIONS +``-h, --help`` command line help + +``-b, --banner`` displays testssl.sh banner, including license, usage conditions, version of testssl.sh, detected openssl version, its path to it, # of ciphers of openssl, its build date and the architecture + +``-v, --version`` same as before + +``-V, --local `` +``-V, --local`` pretty print all local ciphers supported by openssl version. If a pattern is supplied it performs a match (ignore case) on any of the pattern supplied in the wide output, see below. The pattern will be search in the any of the columns: hexcode, cipher suite name (OpenSSL or RFC), key exchange, encryption, bits. It does a word pattern match for non-numbers. Numbers here are currently defined as [0-9,A-F]. This means that the pattern CBC is matched as non-word, but AES as word. - -h, --help what you're looking at - -b, --banner displays banner + version of testssl.sh - -v, --version same as previous - -V, --local pretty print all local ciphers - -V, --local which local ciphers with are available? - (if pattern not a number: word match) ##### INPUT PARAMETERS URI {host,ip,URL}: (port 443 is assumed unless otherwise specified)