unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



ssh-keygen2(1)						       ssh-keygen2(1)



NAME

  ssh-keygen2, ssh-keygen - On a Secure	Shell server, generates	the host key
  pair.	On a Secure Shell client, generates the	authentication key pair	for
  users	who are	using public key authentication.

SYNOPSIS

  ssh-keygen2 [-b bits]	[-t key_algorithm] [-c comment]	[-e file] [-p
  passphrase] [-P] [-h | -\?] [-q] [-l file] [-i file] [-D file] [-B number]
  [-V] [-r file] [-x file] [-k file] [-7 file] [-F file] [key1 key2 . .	.]

OPTIONS

  -b bits
      Specifies	the length of the key in bits; for example, 1024 bits. The
      default is 2048.

  -t key_algorithm
      Specifies	the algorithm used in key generation. Supported	algorithms
      are Digital Signature Algorithm (DSA) and	Rivest,	Shamir,	and Adleman
      (RSA).

  -c comment
      Specifies	the key's comment string.

  -e file
      Edits the	specified key. Makes the ssh-keygen2 command interactive. You
      can change the key's passphrase or comment.

  -p passphrase
      Specifies	the passphrase used.

  -P  Specifies	that the key will be saved with	an empty passphrase.

  -h | -\?
      Prints a summary of ssh-keygen2 commands.

  -q  Hides the	progress indicator..

  -1 file
      Converts the key from ssh1 format	to ssh2	format.

  -ifile
      Display all information about a key.

  -Dfile
      Derives the public key from the private key file.

  -Bnumber
      Specifies	the number base	for displaying key information.	The default
      is 10.

  -V  Displays version information.

  -r file
      Adds entropy from	a file to the random pool $HOME/.ssh2/random_seed.
      If the file contains relatively random data (i.e., data unpredictable
      by a potential attacker),	the randomness of the pool is increased.
      Good randomness is essential for security	of the generated keys.

  -xfile
      Converts a private key from X.509	format to SSH2 format.	The converted
      key is written to	file_ssh2.  This feature is only available in commer-
      cial distributions with certificate support.

  -kfile
      Converts a PKCS 12 file to an SSH2 format	private	key and	certificate
      pair.  This feature is only available in commercial distributions	with
      certificate support

  -7file
      Exports certificates from	a PKCS 7 file.	This feature is	only avail-
      able in commercial distributions with certificate	support.

  -F file
      Dumps the	fingerprint of given public key. The fingerprint is given in
      the Bubble Babble	format,	which makes the	fingerprint look like a
      string of	words.

DESCRIPTION

  On a Secure Shell server, the	ssh-keygen2 command generates and manages the
  host key pair. On a Secure Shell client, the ssh-keygen2 command generates
  the authentication key pair necessary	for public key user authentication.
  The system administrator also	can use	this command to	generate host keys
  for the sshd2	daemon.

  See Security Administration for more information about Secure	Shell host
  keys and user	authentication.

NOTES

  Generating the authentication	key pair is only part of the configuration
  necessary to use public key user authentication. Users can use the ssh-
  pubkeymgr command to configure public	key user authentication, which
  includes generating the authentication key pair. The ssh-pubkeymgr command
  prompts the user for information necessary to	configure public key user
  authentication on a Secure Shell client.

FILES

  $HOME/.ssh2/random_seed
      Seeds the	random number generator.  This file should not be accessible
      by anyone	but the	user.  This file is created the	first time the pro-
      gram is run and is updated every time the	program	is run.

  $HOME/.ssh2/id_KEYTYPE_KEYLEN_X
      Contains the user's private key.

  $HOME/.ssh2/id_KEYTYPE_KEYLEN_X.pub
      Contains the user's public key.

  /etc/ssh2/hostkey
      Contains the private part	of the host key.  The ssh-keygen2 command
      creates this file. This file should only be owned	by root, readable
      only by root, and	not accessible to others.

  /etc/ssh2/hostkey.pub
      Contains the public part of the host key.	  The ssh-keygen2 command
      creates this file. This file should be readable by world and writable
      only by root.




LEGAL NOTICES

  SSH is a registered trademark	of SSH Communication Security Ltd.

SEE ALSO

  Commands: ssh2(1), ssh-add2(1), ssh-agent2(1), ssh-pubkeymgr(1), sshd2(8)

  Guides: Security Administration