SSH: ssh-keygen2
SSH Tectia  
Previous Next Up [Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    Transferring Files >>
    Tunneling >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
        ssh-certview >>
        ssh-cmpclient >>
        ssh-scepclient >>
    Log Messages >>


SSH-KEYGEN2(1)                 SSH2                SSH-KEYGEN2(1)

       ssh-keygen2 - authentication key pair generation

       ssh-keygen2  [-b bits] [-t dsa|rsa] [ -c comment_string] [
       -e file] [ -p passphrase] [ -P ] [ -h ] [  -q  ]  [--over-
       write]  [ -1 file] [ -i file] [ -D file] [ -B number] [ -V
       ] [ -r file] [ -x file] [ -k file] [ -7 file] [ -F file] [
       --import-public-key   infile  outfile] [ --import-private-
       key infile outfile] [ --import-ssh1-authorized-keys infile
       outfile]  [  --import-ssh1-known-hosts-file infile]  [key1
       key2 ...]

       ssh-keygen2  generates and manages authentication keys for
       ssh2(1).  Normally each user wishing to use ssh2 with pub-
       lic-key  authentication runs this to create authentication
       keys. Additionally, the system administrator may use  this
       to generate host keys for sshd2(8).

       -b bits
              Specifies  the  length  of the key in bits (default

       -t dsa|rsa
              Selects the algorithm used in key generation.   dsa
              (Digital  Signature  Algorithm)  and  rsa  are sup-
              ported. The default is dsa.

       -c comment_string
              Specifies the key's comment string.

       -e file
              Edits the specified key.  Makes ssh-keygen2  inter-
              active.   You  can  change  the key's passphrase or

       -p passphrase
              Specifies the passphrase used to protect the key.

       -P     Specifies that the key will be saved with an  empty

       -h | -\?
              Prints a short summary of ssh-keygen2 commands.

       -q     Hides the progress indicator.

              Specifies  whether  to  overwrite existing file(s).
              Default is yes. Takes an optional  yes/no  argument
              with   which  you  can  disable  overwriting,  i.e.

       -1 file
              Converts a key from the ssh1  format  to  the  ssh2

       -i file
              Displays (all) information about a key.

       -D file
              Derives the public key from the private key file.

       -B number
              Specifies the number base for displaying key infor-
              mation (default 10).

       -V     Prints version string and exits.

       -r file
              Adds  entropy  from  file  to   the   random   pool
              $HOME/.ssh2/random_seed.  If  file  contains 'rela-
              tively random' data (i.e. data unpredictable  by  a
              potential  attacker), the randomness of the pool is
              increased.  Good randomness is  essential  for  the
              security of the generated keys.

       -x file
              Converts a private key from the X.509 format to the
              SSH2 format.   The  converted  key  is  written  to
              file_ssh2.   This feature is only available in com-
              mercial distributions with certificate support.

       -k file
              Converts a PKCS #12 file to an SSH2-format  private
              key  and  certificate  pair.   This feature is only
              available in commercial distributions with certifi-
              cate support.

       -7 file
              Exports  certificate(s)  from a PKCS #7 file.  This
              feature is only available in  commercial  distribu-
              tions with certificate support.

       -F file
              Dumps the fingerprint of the given public key.  The
              fingerprint is given in the Bubble  Babble  format,
              which  makes  the fingerprint look like a string of
              "real" words (making it easier to remember).

       --import-public-key  infile outfile
              Attempts  to  import  a public key from file infile
              and store it to file outfile in ssh2 native format.

       --import-private-key infile outfile
              Attempts  to import an unencrypted private key from
              file infile and store it to file  outfile  in  ssh2
              native private key format.

       --import-ssh1-authorized-keys infile outfile
              Attempts  to import ssh1-style authorized_keys file
              infile and generate ssh2-style  authorization  file
              outfile and store the keys from infile to generated
              files into the same directory with outfile.

       --import-ssh1-known-hosts-file infile
              Attempts  to  import  ssh1-style  known_hosts  file
              infile and generate ssh2-style hostkey files to the
              current  directory  from  each   key   within   the
              known_hosts file.

              Used for seeding the random number generator.  This
              file  must  not be readable by anyone but the user.
              This file is created the first time the program  is
              run,  and is updated every time the program is run.

              Private authentication keys.

              Public authentication keys.


              Private and public sshd2(8) host keys.

       SSH Communications Security Corp.

       For more information, see

       ssh2(1), sshd2(8), ssh-agent2(1), ssh-add2(1)

Previous Next Up [Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice