| version 1.67, 2005/03/14 10:09:03 |
version 1.67.2.2, 2006/02/03 02:53:45 |
|
|
| The type of key to be generated is specified with the |
The type of key to be generated is specified with the |
| .Fl t |
.Fl t |
| option. |
option. |
| |
If invoked without any arguments, |
| |
.Nm |
| |
will generate an RSA key for use in SSH protocol 2 connections. |
| .Pp |
.Pp |
| .Nm |
.Nm |
| is also used to generate groups for use in Diffie-Hellman group |
is also used to generate groups for use in Diffie-Hellman group |
|
|
| Normally each user wishing to use SSH |
Normally each user wishing to use SSH |
| with RSA or DSA authentication runs this once to create the authentication |
with RSA or DSA authentication runs this once to create the authentication |
| key in |
key in |
| .Pa $HOME/.ssh/identity , |
.Pa ~/.ssh/identity , |
| .Pa $HOME/.ssh/id_dsa |
.Pa ~/.ssh/id_dsa |
| or |
or |
| .Pa $HOME/.ssh/id_rsa . |
.Pa ~/.ssh/id_rsa . |
| Additionally, the system administrator may use this to generate host keys, |
Additionally, the system administrator may use this to generate host keys, |
| as seen in |
as seen in |
| .Pa /etc/rc . |
.Pa /etc/rc . |
|
|
| Show the bubblebabble digest of specified private or public key file. |
Show the bubblebabble digest of specified private or public key file. |
| .It Fl b Ar bits |
.It Fl b Ar bits |
| Specifies the number of bits in the key to create. |
Specifies the number of bits in the key to create. |
| Minimum is 512 bits. |
For RSA keys, the minimum size is 768 bits and the default is 2048 bits. |
| Generally, 1024 bits is considered sufficient. |
Generally, 2048 bits is considered sufficient. |
| The default is 1024 bits. |
DSA keys must be exactly 1024 bits as specified by FIPS 186-2. |
| .It Fl C Ar comment |
.It Fl C Ar comment |
| Provides a new comment. |
Provides a new comment. |
| .It Fl c |
.It Fl c |
|
|
| that both ends of a connection share common moduli. |
that both ends of a connection share common moduli. |
| .Sh FILES |
.Sh FILES |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Pa $HOME/.ssh/identity |
.It Pa ~/.ssh/identity |
| Contains the protocol version 1 RSA authentication identity of the user. |
Contains the protocol version 1 RSA authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
|
|
| but it is offered as the default file for the private key. |
but it is offered as the default file for the private key. |
| .Xr ssh 1 |
.Xr ssh 1 |
| will read this file when a login attempt is made. |
will read this file when a login attempt is made. |
| .It Pa $HOME/.ssh/identity.pub |
.It Pa ~/.ssh/identity.pub |
| Contains the protocol version 1 RSA public key for authentication. |
Contains the protocol version 1 RSA public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
| .Pa $HOME/.ssh/authorized_keys |
.Pa ~/.ssh/authorized_keys |
| on all machines |
on all machines |
| where the user wishes to log in using RSA authentication. |
where the user wishes to log in using RSA authentication. |
| There is no need to keep the contents of this file secret. |
There is no need to keep the contents of this file secret. |
| .It Pa $HOME/.ssh/id_dsa |
.It Pa ~/.ssh/id_dsa |
| Contains the protocol version 2 DSA authentication identity of the user. |
Contains the protocol version 2 DSA authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
|
|
| but it is offered as the default file for the private key. |
but it is offered as the default file for the private key. |
| .Xr ssh 1 |
.Xr ssh 1 |
| will read this file when a login attempt is made. |
will read this file when a login attempt is made. |
| .It Pa $HOME/.ssh/id_dsa.pub |
.It Pa ~/.ssh/id_dsa.pub |
| Contains the protocol version 2 DSA public key for authentication. |
Contains the protocol version 2 DSA public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
| .Pa $HOME/.ssh/authorized_keys |
.Pa ~/.ssh/authorized_keys |
| on all machines |
on all machines |
| where the user wishes to log in using public key authentication. |
where the user wishes to log in using public key authentication. |
| There is no need to keep the contents of this file secret. |
There is no need to keep the contents of this file secret. |
| .It Pa $HOME/.ssh/id_rsa |
.It Pa ~/.ssh/id_rsa |
| Contains the protocol version 2 RSA authentication identity of the user. |
Contains the protocol version 2 RSA authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
|
|
| but it is offered as the default file for the private key. |
but it is offered as the default file for the private key. |
| .Xr ssh 1 |
.Xr ssh 1 |
| will read this file when a login attempt is made. |
will read this file when a login attempt is made. |
| .It Pa $HOME/.ssh/id_rsa.pub |
.It Pa ~/.ssh/id_rsa.pub |
| Contains the protocol version 2 RSA public key for authentication. |
Contains the protocol version 2 RSA public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
| .Pa $HOME/.ssh/authorized_keys |
.Pa ~/.ssh/authorized_keys |
| on all machines |
on all machines |
| where the user wishes to log in using public key authentication. |
where the user wishes to log in using public key authentication. |
| There is no need to keep the contents of this file secret. |
There is no need to keep the contents of this file secret. |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh