change underscores to dashes to match the command line argument

docs/admin/authentication.md

@@ -35,13 +35,13 @@ Documentation for other releases can be found at
 
 Kubernetes uses client certificates, tokens, or http basic auth to authenticate users for API calls.
 
-**Client certificate authentication** is enabled by passing the `--client_ca_file=SOMEFILE`
+**Client certificate authentication** is enabled by passing the `--client-ca-file=SOMEFILE`
 option to apiserver. The referenced file must contain one or more certificates authorities
 to use to validate client certificates presented to the apiserver. If a client certificate
 is presented and verified, the common name of the subject is used as the user name for the
 request.
 
-**Token authentication** is enabled by passing the `--token_auth_file=SOMEFILE` option
+**Token authentication** is enabled by passing the `--token-auth-file=SOMEFILE` option
 to apiserver.  Currently, tokens last indefinitely, and the token list cannot
 be changed without restarting apiserver.  We plan in the future for tokens to
 be short-lived, and to be generated as needed rather than stored in a file.
@@ -52,7 +52,7 @@ and is a csv file with 3 columns: token, user name, user uid.
 When using token authentication from an http client the apiserver expects an `Authorization`
 header with a value of `Bearer SOMETOKEN`.
 
-**Basic authentication** is enabled by passing the `--basic_auth_file=SOMEFILE`
+**Basic authentication** is enabled by passing the `--basic-auth-file=SOMEFILE`
 option to apiserver. Currently, the basic auth credentials last indefinitely,
 and the password cannot be changed without restarting apiserver. Note that basic
 authentication is currently supported for convenience while we finish making the