| version 1.49, 2001/09/05 06:23:07 |
version 1.49.2.3, 2002/06/22 07:23:18 |
|
|
| .Nm ssh-keygen |
.Nm ssh-keygen |
| .Op Fl q |
.Op Fl q |
| .Op Fl b Ar bits |
.Op Fl b Ar bits |
| .Op Fl t Ar type |
.Fl t Ar type |
| .Op Fl N Ar new_passphrase |
.Op Fl N Ar new_passphrase |
| .Op Fl C Ar comment |
.Op Fl C Ar comment |
| .Op Fl f Ar output_keyfile |
.Op Fl f Ar output_keyfile |
|
|
| generates, manages and converts authentication keys for |
generates, manages and converts authentication keys for |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| .Nm |
.Nm |
| defaults to generating a RSA1 key for use by SSH protocol version 1. |
can create RSA keys for use by SSH protocol version 1 and RSA or DSA |
| Specifying the |
keys for use by SSH protocol version 2. The type of key to be generated |
| |
is specified with the |
| .Fl t |
.Fl t |
| option instead creates a key for use by SSH protocol version 2. |
option. |
| .Pp |
.Pp |
| Normally each user wishing to use SSH |
Normally each user wishing to use SSH |
| with RSA or DSA authentication runs this once to create the authentication |
with RSA or DSA authentication runs this once to create the authentication |
|
|
| The passphrase may be empty to indicate no passphrase |
The passphrase may be empty to indicate no passphrase |
| (host keys must have an empty passphrase), or it may be a string of |
(host keys must have an empty passphrase), or it may be a string of |
| arbitrary length. |
arbitrary length. |
| Good passphrases are 10-30 characters long and are |
A passphrase is similar to a password, except it can be a phrase with a |
| |
series of words, punctuation, numbers, whitespace, or any string of |
| |
characters you want. |
| |
Good passphrases are 10-30 characters long, are |
| not simple sentences or otherwise easily guessable (English |
not simple sentences or otherwise easily guessable (English |
| prose has only 1-2 bits of entropy per character, and provides very bad |
prose has only 1-2 bits of entropy per character, and provides very bad |
| passphrases). |
passphrases), and contain a mix of upper and lowercase letters, |
| |
numbers, and non-alphanumeric characters. |
| The passphrase can be changed later by using the |
The passphrase can be changed later by using the |
| .Fl p |
.Fl p |
| option. |
option. |
|
|
| The default is 1024 bits. |
The default is 1024 bits. |
| .It Fl c |
.It Fl c |
| Requests changing the comment in the private and public key files. |
Requests changing the comment in the private and public key files. |
| |
This operation is only supported for RSA1 keys. |
| The program will prompt for the file containing the private keys, for |
The program will prompt for the file containing the private keys, for |
| the passphrase if the key has one, and for the new comment. |
the passphrase if the key has one, and for the new comment. |
| .It Fl e |
.It Fl e |
|
|
| This option allows importing keys from several commercial |
This option allows importing keys from several commercial |
| SSH implementations. |
SSH implementations. |
| .It Fl l |
.It Fl l |
| Show fingerprint of specified private or public key file. |
Show fingerprint of specified public key file. |
| |
Private RSA1 keys are also supported. |
| |
For RSA and DSA keys |
| |
.Nm |
| |
tries to find the matching public key file and prints its fingerprint. |
| .It Fl p |
.It Fl p |
| Requests changing the passphrase of a private key file instead of |
Requests changing the passphrase of a private key file instead of |
| creating a new private key. |
creating a new private key. |
|
|
| or |
or |
| .Dq dsa |
.Dq dsa |
| for protocol version 2. |
for protocol version 2. |
| The default is |
|
| .Dq rsa1 . |
|
| .It Fl B |
.It Fl B |
| Show the bubblebabble digest of specified private or public key file. |
Show the bubblebabble digest of specified private or public key file. |
| .It Fl C Ar comment |
.It Fl C Ar comment |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh