[openssh.git] / ssh-keygen.1

.\"	$OpenBSD: ssh-keygen.1,v 1.29 2001/01/29 01:58:18 niklas Exp $
.\"
.\"  -*- nroff -*-
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose.  Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 25, 1999
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
.Nm ssh-keygen
.Nd authentication key generation
.Sh SYNOPSIS
.Nm ssh-keygen
.Op Fl q
.Op Fl b Ar bits
.Op Fl t Ar type
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
.Nm ssh-keygen
.Fl p
.Op Fl P Ar old_passphrase
.Op Fl N Ar new_passphrase
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl x
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl X
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl y
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl c
.Op Fl P Ar passphrase
.Op Fl C Ar comment
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl l
.Op Fl f Ar input_keyfile
.Sh DESCRIPTION
.Nm
generates and manages authentication keys for
.Xr ssh 1 .
.Nm
defaults to generating an RSA key for use by protocols 1.3 and 1.5;
specifying the
.Fl t
option allows you to create a key for use by protocol 2.0.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
key in
.Pa $HOME/.ssh/identity
or
.Pa $HOME/.ssh/id_dsa .
Additionally, the system administrator may use this to generate host keys,
as seen in
.Pa /etc/rc .
.Pp
Normally this program generates the key and asks for a file in which
to store the private key.
The public key is stored in a file with the same name but
.Dq .pub
appended.
The program also asks for a passphrase.
The passphrase may be empty to indicate no passphrase
(host keys must have an empty passphrase), or it may be a string of
arbitrary length.
Good passphrases are 10-30 characters long and are
not simple sentences or otherwise easily guessable (English
prose has only 1-2 bits of entropy per word, and provides very bad
passphrases).
The passphrase can be changed later by using the
.Fl p
option.
.Pp
There is no way to recover a lost passphrase.
If the passphrase is
lost or forgotten, you will have to generate a new key and copy the
corresponding public key to other machines.
.Pp
For RSA, there is also a comment field in the key file that is only for
convenience to the user to help identify the key.
The comment can tell what the key is for, or whatever is useful.
The comment is initialized to
.Dq user@host
when the key is created, but can be changed using the
.Fl c
option.
.Pp
After a key is generated, instructions below detail where the keys
should be placed to be activated.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl b Ar bits
Specifies the number of bits in the key to create.
Minimum is 512 bits.
Generally 1024 bits is considered sufficient, and key sizes
above that no longer improve security but make things slower.
The default is 1024 bits.
.It Fl c
Requests changing the comment in the private and public key files.
The program will prompt for the file containing the private keys, for
passphrase if the key has one, and for the new comment.
.It Fl f
Specifies the filename of the key file.
.It Fl l
Show fingerprint of specified private or public key file.
.It Fl p
Requests changing the passphrase of a private key file instead of
creating a new private key.
The program will prompt for the file
containing the private key, for the old passphrase, and twice for the
new passphrase.
.It Fl q
Silence
.Nm ssh-keygen .
Used by
.Pa /etc/rc
when creating a new key.
.It Fl t Ar type
Specifies the type of the key to create.
The possible values are
.Dq rsa1
for protocol version 1 and
.Dq rsa
or
.Dq dsa
for protocol version 2.
The default is
.Dq rsa .
.It Fl C Ar comment
Provides the new comment.
.It Fl N Ar new_passphrase
Provides the new passphrase.
.It Fl P Ar passphrase
Provides the (old) passphrase.
.It Fl x
This option will read a private
OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
.It Fl X
This option will read a unencrypted
SSH2-compatible private (or public) key file and
print an OpenSSH compatible private (or public) key to stdout.
.It Fl y
This option will read a private
OpenSSH format file and print an OpenSSH public key to stdout.
.El
.Sh FILES
.Bl -tag -width Ds
.It Pa $HOME/.ssh/identity
Contains the RSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/identity.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys
on all machines
where you wish to log in using RSA authentication.
There is no need to keep the contents of this file secret.
.It Pa $HOME/.ssh/id_dsa
Contains the DSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/id_dsa.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys2
on all machines
where you wish to log in using public key authentication.
There is no need to keep the contents of this file secret.
.El
.Sh AUTHORS
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
removed and newer features re-added.
Rapidly after the 1.2.12 release,
newer versions bore successively more restrictive licenses.
This version of OpenSSH
.Bl -bullet
.It
has all components of a restrictive nature (i.e., patents, see
.Xr crypto 3 )
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
contains added support for
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr sshd 8 ,
.Xr crypto 3
Commit	Line	Data
23c2a7a5	1	.\" $OpenBSD: ssh-keygen.1,v 1.29 2001/01/29 01:58:18 niklas Exp $
23c2a7a5	2	.\"
bf740959	3	.\" -- nroff --
bf740959	4	.\"
bf740959	5	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
bf740959	6	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	7	.\" All rights reserved
	8	.\"
bcbf86ec	9	.\" As far as I am concerned, the code I have written for this software
	10	.\" can be used freely for any purpose. Any derived versions of this
	11	.\" software must be clearly marked as such, and if the derived work is
	12	.\" incompatible with the protocol description in the RFC file, it must be
	13	.\" called by a name other than "ssh" or "Secure Shell".
	14	.\"
	15	.\"
	16	.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
	17	.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
	18	.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
	19	.\"
	20	.\" Redistribution and use in source and binary forms, with or without
	21	.\" modification, are permitted provided that the following conditions
	22	.\" are met:
	23	.\" 1. Redistributions of source code must retain the above copyright
	24	.\" notice, this list of conditions and the following disclaimer.
	25	.\" 2. Redistributions in binary form must reproduce the above copyright
	26	.\" notice, this list of conditions and the following disclaimer in the
	27	.\" documentation and/or other materials provided with the distribution.
bf740959	28	.\"
bcbf86ec	29	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	30	.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	31	.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	32	.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	33	.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	34	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	35	.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	36	.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	37	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	38	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
bf740959	39	.\"
	40	.Dd September 25, 1999
	41	.Dt SSH-KEYGEN 1
	42	.Os
	43	.Sh NAME
	44	.Nm ssh-keygen
	45	.Nd authentication key generation
	46	.Sh SYNOPSIS
	47	.Nm ssh-keygen
fa08c86b	48	.Op Fl q
bf740959	49	.Op Fl b Ar bits
fa08c86b	50	.Op Fl t Ar type
bf740959	51	.Op Fl N Ar new_passphrase
bf740959	52	.Op Fl C Ar comment
7cd3766c	53	.Op Fl f Ar output_keyfile
bf740959	54	.Nm ssh-keygen
	55	.Fl p
	56	.Op Fl P Ar old_passphrase
	57	.Op Fl N Ar new_passphrase
f095fcc7	58	.Op Fl f Ar keyfile
bf740959	59	.Nm ssh-keygen
1d1ffb87	60	.Fl x
7cd3766c	61	.Op Fl f Ar input_keyfile
1d1ffb87	62	.Nm ssh-keygen
1d1ffb87	63	.Fl X
7cd3766c	64	.Op Fl f Ar input_keyfile
1d1ffb87	65	.Nm ssh-keygen
1d1ffb87	66	.Fl y
7cd3766c	67	.Op Fl f Ar input_keyfile
1d1ffb87	68	.Nm ssh-keygen
bf740959	69	.Fl c
	70	.Op Fl P Ar passphrase
	71	.Op Fl C Ar comment
f095fcc7	72	.Op Fl f Ar keyfile
	73	.Nm ssh-keygen
	74	.Fl l
7cd3766c	75	.Op Fl f Ar input_keyfile
f54651ce	76	.Sh DESCRIPTION
bf740959	77	.Nm
f54651ce	78	generates and manages authentication keys for
bf740959	79	.Xr ssh 1 .
1d1ffb87	80	.Nm
	81	defaults to generating an RSA key for use by protocols 1.3 and 1.5;
	82	specifying the
fa08c86b	83	.Fl t
b5c334cc	84	option allows you to create a key for use by protocol 2.0.
1d1ffb87	85	.Pp
bf740959	86	Normally each user wishing to use SSH
1d1ffb87	87	with RSA or DSA authentication runs this once to create the authentication
bf740959	88	key in
1d1ffb87	89	.Pa $HOME/.ssh/identity
	90	or
	91	.Pa $HOME/.ssh/id_dsa .
	92	Additionally, the system administrator may use this to generate host keys,
	93	as seen in
	94	.Pa /etc/rc .
bf740959	95	.Pp
bf740959	96	Normally this program generates the key and asks for a file in which
4fe2af09	97	to store the private key.
4fe2af09	98	The public key is stored in a file with the same name but
bf740959	99	.Dq .pub
4fe2af09	100	appended.
	101	The program also asks for a passphrase.
	102	The passphrase may be empty to indicate no passphrase
b5c334cc	103	(host keys must have an empty passphrase), or it may be a string of
4fe2af09	104	arbitrary length.
4fe2af09	105	Good passphrases are 10-30 characters long and are
bf740959	106	not simple sentences or otherwise easily guessable (English
bf740959	107	prose has only 1-2 bits of entropy per word, and provides very bad
4fe2af09	108	passphrases).
4fe2af09	109	The passphrase can be changed later by using the
bf740959	110	.Fl p
	111	option.
	112	.Pp
4fe2af09	113	There is no way to recover a lost passphrase.
4fe2af09	114	If the passphrase is
bf740959	115	lost or forgotten, you will have to generate a new key and copy the
	116	corresponding public key to other machines.
	117	.Pp
1d1ffb87	118	For RSA, there is also a comment field in the key file that is only for
4fe2af09	119	convenience to the user to help identify the key.
	120	The comment can tell what the key is for, or whatever is useful.
	121	The comment is initialized to
bf740959	122	.Dq user@host
	123	when the key is created, but can be changed using the
	124	.Fl c
	125	option.
	126	.Pp
1d1ffb87	127	After a key is generated, instructions below detail where the keys
	128	should be placed to be activated.
	129	.Pp
bf740959	130	The options are as follows:
	131	.Bl -tag -width Ds
	132	.It Fl b Ar bits
4fe2af09	133	Specifies the number of bits in the key to create.
	134	Minimum is 512 bits.
	135	Generally 1024 bits is considered sufficient, and key sizes
	136	above that no longer improve security but make things slower.
	137	The default is 1024 bits.
bf740959	138	.It Fl c
	139	Requests changing the comment in the private and public key files.
	140	The program will prompt for the file containing the private keys, for
	141	passphrase if the key has one, and for the new comment.
f095fcc7	142	.It Fl f
	143	Specifies the filename of the key file.
	144	.It Fl l
	145	Show fingerprint of specified private or public key file.
bf740959	146	.It Fl p
bf740959	147	Requests changing the passphrase of a private key file instead of
4fe2af09	148	creating a new private key.
4fe2af09	149	The program will prompt for the file
bf740959	150	containing the private key, for the old passphrase, and twice for the
	151	new passphrase.
	152	.It Fl q
	153	Silence
	154	.Nm ssh-keygen .
	155	Used by
	156	.Pa /etc/rc
	157	when creating a new key.
fa08c86b	158	.It Fl t Ar type
	159	Specifies the type of the key to create.
	160	The possible values are
	161	.Dq rsa1
	162	for protocol version 1 and
	163	.Dq rsa
	164	or
	165	.Dq dsa
	166	for protocol version 2.
	167	The default is
	168	.Dq rsa .
bf740959	169	.It Fl C Ar comment
	170	Provides the new comment.
	171	.It Fl N Ar new_passphrase
	172	Provides the new passphrase.
	173	.It Fl P Ar passphrase
	174	Provides the (old) passphrase.
1d1ffb87	175	.It Fl x
1d1ffb87	176	This option will read a private
d0c832f3	177	OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
1d1ffb87	178	.It Fl X
94ec8c6b	179	This option will read a unencrypted
	180	SSH2-compatible private (or public) key file and
	181	print an OpenSSH compatible private (or public) key to stdout.
1d1ffb87	182	.It Fl y
1d1ffb87	183	This option will read a private
fa08c86b	184	OpenSSH format file and print an OpenSSH public key to stdout.
bf740959	185	.El
	186	.Sh FILES
	187	.Bl -tag -width Ds
bf740959	188	.It Pa $HOME/.ssh/identity
4fe2af09	189	Contains the RSA authentication identity of the user.
	190	This file should not be readable by anyone but the user.
	191	It is possible to
bf740959	192	specify a passphrase when generating the key; that passphrase will be
4fe2af09	193	used to encrypt the private part of this file using 3DES.
4fe2af09	194	This file is not automatically accessed by
bf740959	195	.Nm
bf740959	196	but it is offered as the default file for the private key.
1d1ffb87	197	.Xr sshd 8
1d1ffb87	198	will read this file when a login attempt is made.
bf740959	199	.It Pa $HOME/.ssh/identity.pub
4fe2af09	200	Contains the public key for authentication.
4fe2af09	201	The contents of this file should be added to
bf740959	202	.Pa $HOME/.ssh/authorized_keys
bf740959	203	on all machines
4fe2af09	204	where you wish to log in using RSA authentication.
4fe2af09	205	There is no need to keep the contents of this file secret.
1d1ffb87	206	.It Pa $HOME/.ssh/id_dsa
	207	Contains the DSA authentication identity of the user.
	208	This file should not be readable by anyone but the user.
	209	It is possible to
	210	specify a passphrase when generating the key; that passphrase will be
	211	used to encrypt the private part of this file using 3DES.
	212	This file is not automatically accessed by
	213	.Nm
	214	but it is offered as the default file for the private key.
	215	.Xr sshd 8
	216	will read this file when a login attempt is made.
	217	.It Pa $HOME/.ssh/id_dsa.pub
	218	Contains the public key for authentication.
	219	The contents of this file should be added to
	220	.Pa $HOME/.ssh/authorized_keys2
	221	on all machines
fa08c86b	222	where you wish to log in using public key authentication.
1d1ffb87	223	There is no need to keep the contents of this file secret.
089fbbd2	224	.El
fa08c86b	225	.Sh AUTHORS
bf740959	226	Tatu Ylonen <ylo@cs.hut.fi>
	227	.Pp
	228	OpenSSH
	229	is a derivative of the original (free) ssh 1.2.12 release, but with bugs
4fe2af09	230	removed and newer features re-added.
	231	Rapidly after the 1.2.12 release,
	232	newer versions bore successively more restrictive licenses.
	233	This version of OpenSSH
bf740959	234	.Bl -bullet
bf740959	235	.It
bcbf86ec	236	has all components of a restrictive nature (i.e., patents, see
bcbf86ec	237	.Xr crypto 3 )
bf740959	238	directly removed from the source code; any licensed or patented components
	239	are chosen from
	240	external libraries.
	241	.It
	242	has been updated to support ssh protocol 1.5.
	243	.It
f54651ce	244	contains added support for
bf740959	245	.Xr kerberos 8
	246	authentication and ticket passing.
	247	.It
	248	supports one-time password authentication with
	249	.Xr skey 1 .
	250	.El
bf740959	251	.Sh SEE ALSO
	252	.Xr ssh 1 ,
	253	.Xr ssh-add 1 ,
0c372277	254	.Xr ssh-agent 1 ,
bf740959	255	.Xr sshd 8 ,
bcbf86ec	256	.Xr crypto 3