| version 1.117, 2013/12/07 08:08:26 |
version 1.118, 2013/12/07 11:58:46 |
|
|
| generates, manages and converts authentication keys for |
generates, manages and converts authentication keys for |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| .Nm |
.Nm |
| can create RSA keys for use by SSH protocol version 1 and DSA, ECDSA or RSA |
can create RSA keys for use by SSH protocol version 1 and |
| keys for use by SSH protocol version 2. |
DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2. |
| The type of key to be generated is specified with the |
The type of key to be generated is specified with the |
| .Fl t |
.Fl t |
| option. |
option. |
|
|
| with public key authentication runs this once to create the authentication |
with public key authentication runs this once to create the authentication |
| key in |
key in |
| .Pa ~/.ssh/identity , |
.Pa ~/.ssh/identity , |
| |
.Pa ~/.ssh/id_dsa , |
| .Pa ~/.ssh/id_ecdsa , |
.Pa ~/.ssh/id_ecdsa , |
| .Pa ~/.ssh/id_dsa |
.Pa ~/.ssh/id_ed25519 |
| or |
or |
| .Pa ~/.ssh/id_rsa . |
.Pa ~/.ssh/id_rsa . |
| Additionally, the system administrator may use this to generate host keys, |
Additionally, the system administrator may use this to generate host keys, |
|
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl A |
.It Fl A |
| For each of the key types (rsa1, rsa, dsa and ecdsa) for which host keys |
For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) |
| |
for which host keys |
| do not exist, generate the host keys with the default key file path, |
do not exist, generate the host keys with the default key file path, |
| an empty passphrase, default bits for the key type, and default comment. |
an empty passphrase, default bits for the key type, and default comment. |
| This is used by |
This is used by |
|
|
| curve sizes: 256, 384 or 521 bits. |
curve sizes: 256, 384 or 521 bits. |
| Attempting to use bit lengths other than these three values for ECDSA keys |
Attempting to use bit lengths other than these three values for ECDSA keys |
| will fail. |
will fail. |
| |
ED25519 keys have a fixed length and the |
| |
.Fl b |
| |
flag will be ignored. |
| .It Fl C Ar comment |
.It Fl C Ar comment |
| Provides a new comment. |
Provides a new comment. |
| .It Fl c |
.It Fl c |
|
|
| .Dq rsa1 |
.Dq rsa1 |
| for protocol version 1 and |
for protocol version 1 and |
| .Dq dsa , |
.Dq dsa , |
| .Dq ecdsa |
.Dq ecdsa , |
| |
.Dq ed25519 , |
| or |
or |
| .Dq rsa |
.Dq rsa |
| for protocol version 2. |
for protocol version 2. |
|
|
| .Pp |
.Pp |
| .It Pa ~/.ssh/id_dsa |
.It Pa ~/.ssh/id_dsa |
| .It Pa ~/.ssh/id_ecdsa |
.It Pa ~/.ssh/id_ecdsa |
| |
.It Pa ~/.ssh/id_ed25519 |
| .It Pa ~/.ssh/id_rsa |
.It Pa ~/.ssh/id_rsa |
| Contains the protocol version 2 DSA, ECDSA or RSA authentication identity of the user. |
Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA |
| |
authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
| specify a passphrase when generating the key; that passphrase will be |
specify a passphrase when generating the key; that passphrase will be |
|
|
| .Pp |
.Pp |
| .It Pa ~/.ssh/id_dsa.pub |
.It Pa ~/.ssh/id_dsa.pub |
| .It Pa ~/.ssh/id_ecdsa.pub |
.It Pa ~/.ssh/id_ecdsa.pub |
| |
.It Pa ~/.ssh/id_ed25519.pub |
| .It Pa ~/.ssh/id_rsa.pub |
.It Pa ~/.ssh/id_rsa.pub |
| Contains the protocol version 2 DSA, ECDSA or RSA public key for authentication. |
Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA |
| |
public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
| .Pa ~/.ssh/authorized_keys |
.Pa ~/.ssh/authorized_keys |
| on all machines |
on all machines |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh