ssh-keygen2(1)ssh-keygen2(1)NAME
ssh-keygen2, ssh-keygen - On a Secure Shell server, generates the host
key pair. On a Secure Shell client, generates the authentication key
pair for users who are using public key authentication.
SYNOPSIS
ssh-keygen2 [-b bits] [-t key_algorithm] [-c comment] [-e file] [-p
passphrase] [-P] [-h | -\?] [-q] [-l file] [-i file] [-D file] [-B num‐
ber] [-V] [-r file] [-x file] [-k file] [-7 file] [-F file] [key1 key2
. . .]
OPTIONS
Specifies the length of the key in bits; for example, 1024 bits. The
default is 2048. Specifies the algorithm used in key generation. Sup‐
ported algorithms are Digital Signature Algorithm (DSA) and Rivest,
Shamir, and Adleman (RSA). Specifies the key's comment string. Edits
the specified key. Makes the ssh-keygen2 command interactive. You can
change the key's passphrase or comment. Specifies the passphrase used.
Specifies that the key will be saved with an empty passphrase. Prints
a summary of ssh-keygen2 commands. Hides the progress indicator..
Converts the key from ssh1 format to ssh2 format. Display all informa‐
tion about a key. Derives the public key from the private key file.
Specifies the number base for displaying key information. The default
is 10. Displays version information. Adds entropy from a file to the
random pool $HOME/.ssh2/random_seed. If the file contains relatively
random data (i.e., data unpredictable by a potential attacker), the
randomness of the pool is increased. Good randomness is essential for
security of the generated keys. Converts a private key from X.509 for‐
mat to SSH2 format. The converted key is written to file_ssh2. This
feature is only available in commercial distributions with certificate
support. Converts a PKCS 12 file to an SSH2 format private key and
certificate pair. This feature is only available in commercial distri‐
butions with certificate support Exports certificates from a PKCS 7
file. This feature is only available in commercial distributions with
certificate support. Dumps the fingerprint of given public key. The
fingerprint is given in the Bubble Babble format, which makes the fin‐
gerprint look like a string of words.
DESCRIPTION
On a Secure Shell server, the ssh-keygen2 command generates and manages
the host key pair. On a Secure Shell client, the ssh-keygen2 command
generates the authentication key pair necessary for public key user
authentication. The system administrator also can use this command to
generate host keys for the sshd2 daemon.
See Security Administration for more information about Secure Shell
host keys and user authentication.
NOTES
Generating the authentication key pair is only part of the configura‐
tion necessary to use public key user authentication. Users can use the
ssh-pubkeymgr command to configure public key user authentication,
which includes generating the authentication key pair. The ssh-pub‐
keymgr command prompts the user for information necessary to configure
public key user authentication on a Secure Shell client.
FILES
Seeds the random number generator. This file should not be accessible
by anyone but the user. This file is created the first time the pro‐
gram is run and is updated every time the program is run. Contains the
user's private key. Contains the user's public key. Contains the pri‐
vate part of the host key. The ssh-keygen2 command creates this file.
This file should only be owned by root, readable only by root, and not
accessible to others. Contains the public part of the host key. The
ssh-keygen2 command creates this file. This file should be readable by
world and writable only by root.
LEGAL NOTICES
SSH is a registered trademark of SSH Communication Security Ltd.
SEE ALSO
Commands: ssh2(1), ssh-add2(1), ssh-agent2(1), ssh-pubkeymgr(1),
sshd2(8)
Guides: Security Administration
ssh-keygen2(1)