SSH-KEYGEN2(1) SSH2 SSH-KEYGEN2(1)
ssh-keygen2 - authentication key pair generation
ssh-keygen2 [-b bits] [-t dsa|rsa] [ -c comment_string] [
-e file] [ -p passphrase] [ -P ] [ -\? ] [ -h ] [ -q ]
[--overwrite] [ -1 file] [ -i file] [ -D file] [ -B num-
ber] [ -V ] [ -r file] [ -x file] [ -k file] [ -7 file] [
-F file] [key1 key2 ...]
ssh-keygen2 generates and manages authentication keys for
ssh2(1). Normally each user wishing to use ssh2 with pub-
lic-key authentication runs this to create authentication
keys. Additionally, the system administrator may use this
to generate host keys for sshd2(8).
Specifies the length of the key in bits (default
Selects the algorithm used in key generation. dsa
(Digital Signature Algorithm) and rsa are sup-
ported. The default is dsa.
Specifies the key's comment string.
Edits the specified key. Makes ssh-keygen2 inter-
active. You can change the key's passphrase or
Specifies the passphrase used to protect the key.
-P Specifies that the key will be saved with an empty
-h | -\?
Prints a short summary of ssh-keygen2 commands.
-q Hides the progress indicator.
Specifies whether to overwrite existing file(s).
Default is yes. Takes an optional yes/no argument
with which you can disable overwriting, i.e.
Converts a key from the ssh1 format to the ssh2
Displays (all) information about a key.
Derives the public key from the private key file.
Specifies the number base for displaying key infor-
mation (default 10).
-V Prints version string and exits.
Adds entropy from file to the random pool
$HOME/.ssh2/random_seed. If file contains 'rela-
tively random' data (i.e. data unpredictable by a
potential attacker), the randomness of the pool is
increased. Good randomness is essential for the
security of the generated keys.
Converts a private key from the X.509 format to the
SSH2 format. The converted key is written to
file_ssh2. This feature is only available in com-
mercial distributions with certificate support.
Converts a PKCS #12 file to an SSH2-format private
key and certificate pair. This feature is only
available in commercial distributions with certifi-
Exports certificate(s) from a PKCS #7 file. This
feature is only available in commercial distribu-
tions with certificate support.
Dumps the fingerprint of the given public key. The
fingerprint is given in the Bubble Babble format,
which makes the fingerprint look like a string of
"real" words (making it easier to remember).
Used for seeding the random number generator. This
file must not be readable by anyone but the user.
This file is created the first time the program is
run, and is updated every time the program is run.
Private authentication keys.
Public authentication keys.
Private and public sshd2(8) host keys.
SSH Communications Security Corp.
For more information, see http://www.ssh.com.
ssh2(1), sshd2(8), ssh-agent2(1), ssh-add2(1)
Cryptomining with the SSH protocol: what big enterprises need to know about it
Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency. Read more
SLAM the door shut on traditional privileged access management
Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity? Read more
We broke the IT security perimeter
Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so. Read more