ssh-pubkeymgr - Configures Secure Shell public key user authentication
ssh-pubkeymgr [-k keypair_name]
Specifies the keypair name. The default private key is id_dsa_2048_a
and the default public key is id_dsa_2048_a.pub.
The ssh-pubkeymgr command creates the user files necessary to configure
public key user authentication on a Secure Shell client. Initially, it
checks for public keys, and prompts the user for the following information:
+ A secret passphrase for the key pair.
+ The host entries to add to the user's authorization file. A host entry
identifies the name of a public key for a remote host from which the
user will access their user account on the local host.
+ Whether to copy the user's public key to a user account on a remote
host that they will access. Host names must be entered with their
fully qualified domain name. User's are prompted for the password for
the specified user account on the remote host because, by default,
password authentication is the only authentication available at that
If ssh-pubkeymgr cannot find any public keys, the ssh-keygen2 command runs.
(Make sure you give the ssh-keygen2 command a passphrase; you can run the
ssh-agent2 command later to store your keys in memory.)
Following these steps, the ssh-pubkeymgr command will create the following
identification and authorization files:
+ A directory called $HOME/.ssh2 for the user on the client ($HOME is
the name of the user's home directory). All the files created by the
ssh-pubkeymgr command are located in this directory.
+ The key pair as follows:
-- The $HOME/.ssh2/id_dsa_2048_a file contains the user's private
key. Only the user for which the key was created should have
access this file.
-- The $HOME/.ssh2/id_dsa_2048_a.pub file and $HOME/.ssh2/username-
hostname.pub contains the user's public key. The username-
hostname.pub is the file that will be copied to servers that use
public key authentication and to which the user will connect.
+ A file called $HOME/.ssh2/authorization that contains the names of
public keys for remote hosts from which the user access their user
account on the local host.
+ A file called $HOME/.ssh2/identification that contains the following
entry that identifies the name of the user's private key file:
After all the files are created, the ssh-pubkeymgr command provides an
interface that can upload your user public key to a remote host using the
scp2 command. Using the same interface, you can download host keys from the
desired hosts using the scp2 command.
See Security Administration for more information about Secure Shell user
Contains the names of the host public keys that are allowed to authen-
ticate to this account.
Contains the names of the private keys that are to be used in authenti-
cation. See ssh2(1)for more information.
Contains the default DSA private key for the user.
Contains the default DSA public key for the user.
Contains the user's public key.
SSH is a registered trademark of SSH Communication Security Ltd.
Commands: scp2(1), ssh2(1), ssh-agent2(1), ssh-keygen2(1), sshd2(8)
Guides: Security Administration