SSH Tectia

ssh-keygen-g3

ssh-keygen-g3 — authentication key pair generator

Synopsis

ssh-keygen-g3 [options...] [key1 key2...]

Description

ssh-keygen-g3 (ssh-keygen-g3.exe on Windows) is a tool that generates and manages authentication keys for Secure Shell. Each user wishing to use a Secure Shell client with public-key authentication can run this tool to create authentication keys. Additionally, the system administrator can use it to generate host keys for the Secure Shell server.

By default, if no path for the key files is specified, the key pair is generated under the user's home directory ($HOME/.ssh2 on Unix, "%USERPROFILE%\Application Data\SSH\UserKeys" on Windows). If no filename is specified, the key pair is likewise stored under the user's home directory with filenames such as id_dsa_1024_a and id_dsa_1024_a.pub.

Options

The following options are available:

-b bits

Specifies the length of the key in bits (default 2048).

-t dsa|rsa

Selects the type of the key. Valid options are dsa (default) and rsa.

--fips-mode [={yes|no}]

Generates the key using the FIPS mode for the cryptographic library. The default is no.

--fips-crypto-dll-path path

Specifies the location of the FIPS cryptographic DLL.

-c comment_string

Specifies the key's comment string.

-e file

Edits the specified key. Makes ssh-keygen-g3 interactive. You can change the key's passphrase or comment.

-p passphrase

Specifies the passphrase used.

-P

Specifies that the key will be saved with an empty passphrase.

-h | -?

Displays help and exits.

-q

Hides the progress indicator.

-1 file

Converts a key from the SSH1 format to the SSH2 format.

-i file

Loads and displays information on file.

-D file

Derives the public key from the private key file.

-B number

Specifies the number base for displaying key information (default 10).

-V

Displays version string and exits.

-r file

Adds entropy from file to the random pool. If file contains 'relatively random' data (i.e. data unpredictable by a potential attacker), the randomness of the pool is increased. Good randomness is essential for the security of the generated keys.

--overwrite [={yes|no}]

Overwrites files with the same filenames. The default is to overwrite.

-x file

Converts a private key from the X.509 format to the SSH2 format.

-k file

Converts a PKCS #12 file to an SSH2-format certificate and private key.

-7 file

Extracts certificates from a PKCS #7 file.

-F file

Dumps the fingerprint of the given public key. The fingerprint is given in the Bubble Babble format, which makes the fingerprint look like a string of "real" words (making it easier to pronounce).

-H, --hostkey

Generates a Secure Shell host key pair and stores the key pair in the default host key directory (/etc/ssh2 on Unix, "C:\Program Files\SSH Communications Security\SSH Tectia\SSH Tectia Server" on Windows).

--import-public-key infile outfile

Attempts to import a public key from infile and store it to outfile in SSH2 native format.

--import-private-key infile outfile

Attempts to import an unencrypted private key from infile and store it to outfile in SSH2 native private key format.

--import-ssh1-authorized-keys infile outfile

Imports an SSH1-style authorized_keys file infile and generates an SSH2-style authorization file outfile. The keys from infile are stored in generated files in the same directory as outfile.