| version 1.99, 2010/08/31 11:54:45 |
version 1.100, 2010/09/10 15:19:29 |
|
|
| generates, manages and converts authentication keys for |
generates, manages and converts authentication keys for |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| .Nm |
.Nm |
| can create RSA keys for use by SSH protocol version 1 and RSA, DSA or ECDSA |
can create RSA keys for use by SSH protocol version 1 and DSA, ECDSA or RSA |
| keys for use by SSH protocol version 2. |
keys for use by SSH protocol version 2. |
| The type of key to be generated is specified with the |
The type of key to be generated is specified with the |
| .Fl t |
.Fl t |
|
|
| The possible values are |
The possible values are |
| .Dq rsa1 |
.Dq rsa1 |
| for protocol version 1 and |
for protocol version 1 and |
| .Dq rsa |
.Dq dsa , |
| |
.Dq ecdsa |
| or |
or |
| .Dq dsa |
.Dq rsa |
| for protocol version 2. |
for protocol version 2. |
| .It Fl V Ar validity_interval |
.It Fl V Ar validity_interval |
| Specify a validity interval when signing a certificate. |
Specify a validity interval when signing a certificate. |
|
|
| .Xr ssh 1 . |
.Xr ssh 1 . |
| Please refer to those manual pages for details. |
Please refer to those manual pages for details. |
| .Sh FILES |
.Sh FILES |
| .Bl -tag -width Ds |
.Bl -tag -width Ds -compact |
| .It Pa ~/.ssh/identity |
.It Pa ~/.ssh/identity |
| Contains the protocol version 1 RSA authentication identity of the user. |
Contains the protocol version 1 RSA authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
| specify a passphrase when generating the key; that passphrase will be |
specify a passphrase when generating the key; that passphrase will be |
| used to encrypt the private part of this file using 128-bit AES. |
used to encrypt the private part of this file using 3DES. |
| This file is not automatically accessed by |
This file is not automatically accessed by |
| .Nm |
.Nm |
| but it is offered as the default file for the private key. |
but it is offered as the default file for the private key. |
| .Xr ssh 1 |
.Xr ssh 1 |
| will read this file when a login attempt is made. |
will read this file when a login attempt is made. |
| |
.Pp |
| .It Pa ~/.ssh/identity.pub |
.It Pa ~/.ssh/identity.pub |
| Contains the protocol version 1 RSA public key for authentication. |
Contains the protocol version 1 RSA public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
|
|
| on all machines |
on all machines |
| where the user wishes to log in using RSA authentication. |
where the user wishes to log in using RSA authentication. |
| There is no need to keep the contents of this file secret. |
There is no need to keep the contents of this file secret. |
| |
.Pp |
| .It Pa ~/.ssh/id_dsa |
.It Pa ~/.ssh/id_dsa |
| Contains the protocol version 2 DSA authentication identity of the user. |
.It Pa ~/.ssh/id_ecdsa |
| This file should not be readable by anyone but the user. |
|
| It is possible to |
|
| specify a passphrase when generating the key; that passphrase will be |
|
| used to encrypt the private part of this file using 128-bit AES. |
|
| This file is not automatically accessed by |
|
| .Nm |
|
| but it is offered as the default file for the private key. |
|
| .Xr ssh 1 |
|
| will read this file when a login attempt is made. |
|
| .It Pa ~/.ssh/id_dsa.pub |
|
| Contains the protocol version 2 DSA public key for authentication. |
|
| The contents of this file should be added to |
|
| .Pa ~/.ssh/authorized_keys |
|
| on all machines |
|
| where the user wishes to log in using public key authentication. |
|
| There is no need to keep the contents of this file secret. |
|
| .It Pa ~/.ssh/id_rsa |
.It Pa ~/.ssh/id_rsa |
| Contains the protocol version 2 RSA authentication identity of the user. |
Contains the protocol version 2 DSA, ECDSA or RSA authentication identity of the user. |
| This file should not be readable by anyone but the user. |
This file should not be readable by anyone but the user. |
| It is possible to |
It is possible to |
| specify a passphrase when generating the key; that passphrase will be |
specify a passphrase when generating the key; that passphrase will be |
|
|
| but it is offered as the default file for the private key. |
but it is offered as the default file for the private key. |
| .Xr ssh 1 |
.Xr ssh 1 |
| will read this file when a login attempt is made. |
will read this file when a login attempt is made. |
| |
.Pp |
| |
.It Pa ~/.ssh/id_dsa.pub |
| |
.It Pa ~/.ssh/id_ecdsa.pub |
| .It Pa ~/.ssh/id_rsa.pub |
.It Pa ~/.ssh/id_rsa.pub |
| Contains the protocol version 2 RSA public key for authentication. |
Contains the protocol version 2 DSA, ECDSA or RSA public key for authentication. |
| The contents of this file should be added to |
The contents of this file should be added to |
| .Pa ~/.ssh/authorized_keys |
.Pa ~/.ssh/authorized_keys |
| on all machines |
on all machines |
| where the user wishes to log in using public key authentication. |
where the user wishes to log in using public key authentication. |
| There is no need to keep the contents of this file secret. |
There is no need to keep the contents of this file secret. |
| |
.Pp |
| .It Pa /etc/moduli |
.It Pa /etc/moduli |
| Contains Diffie-Hellman groups used for DH-GEX. |
Contains Diffie-Hellman groups used for DH-GEX. |
| The file format is described in |
The file format is described in |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keygen.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh