SSH-KEYGEN2(1)                 SSH2                SSH-KEYGEN2(1)



NAME

       ssh-keygen2 - authentication key pair generation



SYNOPSIS

       ssh-keygen2 [-b bits] [-t dsa|rsa] [-c comment_string] [-e file]
       [-p passphrase] [-P] [-h] [-q] [--overwrite] [-1 file] [-i file]
       [-D file] [-B number] [-V] [-r file] [-x file] [-k file] [-7 file]
       [-F file] [--import-public-key infile outfile]
       [--import-private-key infile outfile]
       [--import-ssh1-authorized-keys infile outfile]
       [--import-ssh1-known-hosts-file infile] [key1 key2 ...]



DESCRIPTION

       ssh-keygen2 generates and manages authentication keys for
       ssh2(1).  Normally each user wishing to use ssh2 with
       public-key authentication runs this to create authentication
       keys.  Additionally, the system administrator may use this
       to generate host keys for sshd2(8).



OPTIONS

       -b bits
              Specifies the length of the key  in  bits  (default
              2048).

       -t dsa|rsa
              Selects the algorithm used in key generation.  dsa
              (Digital Signature Algorithm) and rsa are supported.
              The default is dsa.

       -c comment_string
              Specifies the key's comment string.

       -e file
              Edits the specified key.  Makes ssh-keygen2
              interactive.  You can change the key's passphrase or
              comment.

       -p passphrase
              Specifies the passphrase used to protect the key.

       -P     Specifies  that the key will be saved with an empty
              passphrase.

       -h     Prints a short summary of ssh-keygen2 commands.

       -q     Hides the progress indicator.

       --overwrite
              Specifies whether to  overwrite  existing  file(s).
              Default  is  yes. Takes an optional yes/no argument
              with  which  you  can  disable  overwriting,   i.e.
              --overwrite=no.

       -1 file
              Converts  a  key  from  the ssh1 format to the ssh2
              format.

       -i file
              Displays (all) information about a key.

       -D file
              Derives the public key from the private key file.

       -B number
              Specifies the number base for displaying key
              information (default 10).

       -V     Prints version string and exits.

       -r file
              Adds entropy from file to the random pool
              $HOME/.ssh2/random_seed.  If file contains
              'relatively random' data (i.e. data unpredictable by
              a potential attacker), the randomness of the pool is
              increased.  Good randomness is essential for the
              security of the generated keys.

       -x file
              Converts a private key from the X.509 format to the
              SSH2 format.  The converted key is written to
              file_ssh2.  This feature is only available in
              commercial distributions with certificate support.

       -k file
              Converts a PKCS #12 file to an SSH2-format private
              key and certificate pair.  This feature is only
              available in commercial distributions with
              certificate support.

       -7 file
              Exports certificate(s) from a PKCS #7 file.  This
              feature is only available in commercial
              distributions with certificate support.

       -F file
              Dumps the fingerprint of the given public key.  The
              fingerprint  is  given in the Bubble Babble format,
              which makes the fingerprint look like a  string  of
              "real" words (making it easier to remember).

       --import-public-key  infile outfile
              Attempts  to  import  a public key from file infile
              and store it to file outfile in ssh2 native format.

       --import-private-key infile outfile
              Attempts  to import an unencrypted private key from
              file infile and store it to file  outfile  in  ssh2
              native private key format.

       --import-ssh1-authorized-keys infile outfile
              Attempts to import an ssh1-style authorized_keys file
              infile, generate an ssh2-style authorization file
              outfile, and store the keys from infile in generated
              files in the same directory as outfile.

       --import-ssh1-known-hosts-file infile
              Attempts to import an ssh1-style known_hosts file
              infile and generate ssh2-style hostkey files in the
              current directory from each key within the
              known_hosts file.
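
       The Bubble Babble encoding named under -F, as an added example
       that is not code from the ssh2 distribution.  The function name
       is hypothetical, and hashing the key with SHA-1 in the demo is
       an assumption: this page does not say which digest ssh-keygen2
       feeds to the encoder.

```python
import hashlib

VOWELS = "aeiouy"
CONSONANTS = "bcdfghklmnprstvzx"


def bubble_babble(data: bytes) -> str:
    """Encode bytes (for example a key digest) as Bubble Babble words."""
    seed = 1                          # running checksum over earlier bytes
    rounds = len(data) // 2 + 1
    out = ["x"]                       # every encoding starts and ends with x
    for i in range(rounds):
        last = i + 1 == rounds
        if last and len(data) % 2 == 0:
            # Even-length input: the final word carries only the checksum.
            out += [VOWELS[seed % 6], CONSONANTS[16], VOWELS[seed // 6]]
            break
        b1 = data[2 * i]
        # First byte of the pair becomes vowel-consonant-vowel; both
        # vowels are offset by the checksum, so a mistyped or swapped
        # word changes the words that follow it.
        out += [VOWELS[((b1 >> 6) + seed) % 6],
                CONSONANTS[(b1 >> 2) & 15],
                VOWELS[((b1 & 3) + seed // 6) % 6]]
        if not last:
            b2 = data[2 * i + 1]
            # Second byte becomes two consonants split by the hyphen.
            out += [CONSONANTS[b2 >> 4], "-", CONSONANTS[b2 & 15]]
            seed = (seed * 5 + b1 * 7 + b2) % 36
    return "".join(out) + "x"


if __name__ == "__main__":
    # Constructed stand-in for a public key blob; SHA-1 is an assumption.
    digest = hashlib.sha1(b"constructed public key blob").digest()
    print(bubble_babble(digest))
```
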




FILES

       $HOME/.ssh2/random_seed
              Used for seeding the random number generator.  This
              file must not be readable by anyone but  the  user.
              This  file is created the first time the program is
              run, and is updated every time the program is  run.

       $HOME/.ssh2/id_KEYTYPE_KEYLEN_X
              Private authentication keys.

       $HOME/.ssh2/id_KEYTYPE_KEYLEN_X.pub
              Public authentication keys.

       /etc/ssh2/hostkey

       /etc/ssh2/hostkey.pub
              Private and public sshd2(8) host keys.
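
       A permission audit for the files listed above, as an added
       example that is not part of the ssh2 distribution.  The paths
       come from this page; the function name and finding labels are
       hypothetical, and treating private keys and the directory's
       write bits the same way as random_seed is an assumption beyond
       what the page states.

```python
import os
import stat
import tempfile


def audit_ssh2_dir(path):
    """Return (problem, mode, path) tuples for secrets that other users
    could read or replace. Hypothetical helper, not part of ssh2."""
    findings = []
    dir_mode = stat.S_IMODE(os.stat(path).st_mode)
    if dir_mode & 0o022:
        # A group- or world-writable directory lets others swap files in it.
        findings.append(("dir-writable", oct(dir_mode), path))
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        is_private_key = name.startswith("id_") and not name.endswith(".pub")
        if not (name == "random_seed" or is_private_key):
            continue                  # public keys may be world-readable
        if not os.path.isfile(full):
            continue
        mode = stat.S_IMODE(os.stat(full).st_mode)
        if mode & 0o077:              # any group/other permission bit set
            findings.append(("exposed", oct(mode), full))
    return findings


if __name__ == "__main__":
    # Constructed demo in a scratch directory; nothing under $HOME is read.
    with tempfile.TemporaryDirectory() as demo:
        os.chmod(demo, 0o700)
        for name, mode in (("random_seed", 0o644),
                           ("id_dsa_2048_a", 0o600),
                           ("id_dsa_2048_a.pub", 0o644)):
            with open(os.path.join(demo, name), "w"):
                pass
            os.chmod(os.path.join(demo, name), mode)
        for finding in audit_ssh2_dir(demo):
            print(*finding)
```
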



AUTHORS

       SSH Communications Security Corp.

       For more information, see http://www.ssh.com.



SEE ALSO

       ssh2(1), sshd2(8), ssh-agent2(1), ssh-add2(1)











SSH2                      20 March 2007                         3