SSH-KEYGEN2(1) SSH2 SSH-KEYGEN2(1)
NAME
ssh-keygen2 - authentication key pair generation
SYNOPSIS
ssh-keygen2 [-b bits] [-t dsa|rsa] [ -c comment_string] [
-e file] [ -p passphrase] [ -P ] [ -\? ] [ -h ] [ -q ]
[--overwrite] [ -1 file] [ -i file] [ -D file] [ -B num-
ber] [ -V ] [ -r file] [ -x file] [ -k file] [ -7 file] [
-F file] [key1 key2 ...]
DESCRIPTION
ssh-keygen2 generates and manages authentication keys for
ssh2(1). Normally each user wishing to use ssh2 with pub-
lic-key authentication runs this to create authentication
keys. Additionally, the system administrator may use this
to generate host keys for sshd2(8).
OPTIONS
-b bits
Specifies the length of the key in bits (default
2048).
-t dsa|rsa
Selects the algorithm used in key generation. dsa
(Digital Signature Algorithm) and rsa are sup-
ported. The default is dsa.
-c comment_string
Specifies the key's comment string.
-e file
Edits the specified key. Makes ssh-keygen2 inter-
active. You can change the key's passphrase or
comment.
-p passphrase
Specifies the passphrase used to protect the key.
-P Specifies that the key will be saved with an empty
passphrase.
-h | -\?
Prints a short summary of ssh-keygen2 commands.
-q Hides the progress indicator.
--overwrite
Specifies whether to overwrite existing file(s).
Default is yes. Takes an optional yes/no argument
with which you can disable overwriting, i.e.
--overwrite=no.
-1 file
Converts a key from the ssh1 format to the ssh2
format.
-i file
Displays (all) information about a key.
-D file
Derives the public key from the private key file.
-B number
Specifies the number base for displaying key infor-
mation (default 10).
-V Prints version string and exits.
-r file
Adds entropy from file to the random pool
$HOME/.ssh2/random_seed. If file contains 'rela-
tively random' data (i.e. data unpredictable by a
potential attacker), the randomness of the pool is
increased. Good randomness is essential for the
security of the generated keys.
-x file
Converts a private key from the X.509 format to the
SSH2 format. The converted key is written to
file_ssh2. This feature is only available in com-
mercial distributions with certificate support.
-k file
Converts a PKCS #12 file to an SSH2-format private
key and certificate pair. This feature is only
available in commercial distributions with certifi-
cate support.
-7 file
Exports certificate(s) from a PKCS #7 file. This
feature is only available in commercial distribu-
tions with certificate support.
-F file
Dumps the fingerprint of the given public key. The
fingerprint is given in the Bubble Babble format,
which makes the fingerprint look like a string of
"real" words (making it easier to remember).
FILES
$HOME/.ssh2/random_seed
Used for seeding the random number generator. This
file must not be readable by anyone but the user.
This file is created the first time the program is
run, and is updated every time the program is run.
$HOME/.ssh2/id_KEYTYPE_KEYLEN_X
Private authentication keys.
$HOME/.ssh2/id_KEYTYPE_KEYLEN_X.pub
Public authentication keys.
/etc/ssh2/hostkey
/etc/ssh2/hostkey.pub
Private and public sshd2(8) host keys.
AUTHORS
SSH Communications Security Corp.
For more information, see http://www.ssh.com.
SEE ALSO
ssh2(1), sshd2(8), ssh-agent2(1), ssh-add2(1)
|
