.\" -*- nroff -*- .\" .\" ssh-keygen2.1 .\" .\" Authors: Tatu Ylonen .\" Markku-Juhani Saarinen .\" Sami Lehtinen .\" .\" Copyright (c) 1997, 2001, 2002 SSH Communications Security Corp, Finland .\" All rights reserved .\" .TH SSH-KEYGEN2 1 "May 16, 2002" "SSH2" "SSH2" .SH NAME ssh-keygen2 \- authentication key pair generation .SH SYNOPSIS .LP .B ssh-keygen2 [\c .BI \-b \ bits\fR\c ] [\c .BI \-t \ key_algorithm\fR\c ] [ .BI \-c \ comment_string\fR\c ] [ .BI \-e \ file \fR\c ] [ .BI \-p \ passphrase\fR\c ] [ .B \-P ] [ .B \-\e? ] [ .B \-h ] [ .B \-q ] [ .BI \-1 \ file\fR\c ] [ .BI \-i \ file\fR\c ] [ .BI \-D \ file\fR\c ] [ .BI \-B \ number\fR\c ] [ .B \-V ] [ .BI \-r \ file\fR\c ] [ .BI \-x \ file\fR\c ] [ .BI \-k \ file\fR\c ] [ .BI \-7 \ file \fR\c ] [ .BI \-F \ file\fR\c ] [key1 key2 ...] .SH DESCRIPTION .LP .B ssh-keygen2 generates and manages authentication keys for .BR ssh2 (1). Normally each user wishing to use .B ssh2 with public-key authentication runs this to create authentication keys. Additionally, the system administrator may use this to generate host keys for .BR sshd2 (8). .SH OPTIONS .ne 3 .TP .BI \-b \ bits\fR\c Number of key in bits (default 2048). .ne 3 .TP .BI \-t \ key_algorithm\fR\c The algorithm used in key generation. DSA (Digital Signature Algorithm) and RSA are supported. .ne 3 .TP .BI \-c \ comment_string\fR\c Specify the key's comment string. .ne 3 .TP .BI \-e \ file \fR\c Edit the specified key. Makes .B ssh-keygen2 interactive. You can change the key's passphrase or comment. .ne 3 .TP .BI \-p \ passphrase\fR\c Specify the passphrase used to protect the key. .ne 3 .TP .B \-P Specify that the key will be saved with an empty passphrase. .ne 3 .TP .B \-h | \-\e? Print a short summary of ssh-keygen2 commands. .ne 3 .TP .B \-q Hide the progress indicator. .ne 3 .TP .BI \-1 \ file\fR\c Convert key from .B ssh1 format to .B ssh2 format. .ne 3 .TP .BI \-i \ file \fR\c Display (all) information about a key. .ne 3 .TP .BI \-D \ file \fR\c Derive the public key from the private key file. .ne 3 .TP .BI \-B \ number \fR\c The number base for displaying key information (default 10). .ne 3 .TP .B \-V Print version string and exit. .ne 3 .TP .BI \-r \ file\fR\c Add entropy from \fIfile\fR to the random pool \fI$HOME/\s+2.\s0ssh2/random_seed\fR. If \fIfile\fR contains 'relatively random' data (ie. data unpredictable by a potential attacker), the randomness of the pool is increased. Good randomness is essential for security of the generated keys. .TP .BI \-x \ file\fR\c Converts a private key from X.509 format to SSH2 format. The converted key is written to \fIfile\fR_ssh2. This feature is only available in commercial distributions with certificate support. .TP .BI \-k \ file\fR\c Converts a PKCS 12 file to an SSH2 format private key and certificate pair. This feature is only available in commercial distributions with certificate support. .TP .BI \-7 \ file\fR\c Exports certificate(s) from a PKCS 7 file. This feature is only available in commercial distributions with certificate support. .TP .BI \-F \ file\fR\c Dump fingerprint of given public key. The fingerprint is given in the Bubble Babble format, which makes the fingerprint look like a string of "real" words (making it easier to remember). .SH FILES .TP .I \&$HOME/\s+2.\s0ssh2/random_seed Used for seeding the random number generator. This file must not be readable by anyone but the user. This file is created the first time the program is run, and is updated every time the program is run. .TP .I \&$HOME/\s+2.\s0ssh2/id_KEYTYPE_KEYLEN_X Private authentication keys. .TP .I \&$HOME/\s+2.\s0ssh2/id_KEYTYPE_KEYLEN_X.pub Public authentication keys. .TP .I /etc/ssh2/hostkey .TP .I /etc/ssh2/hostkey.pub Private and public .BR sshd2 (8) host keys. .SH AUTHORS .LP SSH Communications Security Corp. For more information, see http://www.ssh.com. .SH SEE ALSO .LP .BR ssh2 (1), .BR sshd2 (8), .BR ssh-agent2 (1), .BR ssh-add2 (1)