[openssh.git] / ssh-keygen.1

.\"  -*- nroff -*-
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose.  Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 25, 1999
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
.Nm ssh-keygen
.Nd authentication key generation
.Sh SYNOPSIS
.Nm ssh-keygen
.Op Fl dq
.Op Fl b Ar bits
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
.Nm ssh-keygen
.Fl p
.Op Fl P Ar old_passphrase
.Op Fl N Ar new_passphrase
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl x
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl X
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl y
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl c
.Op Fl P Ar passphrase
.Op Fl C Ar comment
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl l
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl R
.Sh DESCRIPTION
.Nm
generates and manages authentication keys for
.Xr ssh 1 .
.Nm
defaults to generating an RSA key for use by protocols 1.3 and 1.5;
specifying the
.Fl d
flag will create a DSA key instead for use by protocol 2.0.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
key in
.Pa $HOME/.ssh/identity
or
.Pa $HOME/.ssh/id_dsa .
Additionally, the system administrator may use this to generate host keys,
as seen in
.Pa /etc/rc .
.Pp
Normally this program generates the key and asks for a file in which
to store the private key.
The public key is stored in a file with the same name but
.Dq .pub
appended.
The program also asks for a passphrase.
The passphrase may be empty to indicate no passphrase
(host keys must have empty passphrase), or it may be a string of
arbitrary length.
Good passphrases are 10-30 characters long and are
not simple sentences or otherwise easily guessable (English
prose has only 1-2 bits of entropy per word, and provides very bad
passphrases).
The passphrase can be changed later by using the
.Fl p
option.
.Pp
There is no way to recover a lost passphrase.
If the passphrase is
lost or forgotten, you will have to generate a new key and copy the
corresponding public key to other machines.
.Pp
For RSA, there is also a comment field in the key file that is only for
convenience to the user to help identify the key.
The comment can tell what the key is for, or whatever is useful.
The comment is initialized to
.Dq user@host
when the key is created, but can be changed using the
.Fl c
option.
.Pp
After a key is generated, instructions below detail where the keys
should be placed to be activated.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl b Ar bits
Specifies the number of bits in the key to create.
Minimum is 512 bits.
Generally 1024 bits is considered sufficient, and key sizes
above that no longer improve security but make things slower.
The default is 1024 bits.
.It Fl c
Requests changing the comment in the private and public key files.
The program will prompt for the file containing the private keys, for
passphrase if the key has one, and for the new comment.
.It Fl f
Specifies the filename of the key file.
.It Fl l
Show fingerprint of specified private or public key file.
.It Fl p
Requests changing the passphrase of a private key file instead of
creating a new private key.
The program will prompt for the file
containing the private key, for the old passphrase, and twice for the
new passphrase.
.It Fl q
Silence
.Nm ssh-keygen .
Used by
.Pa /etc/rc
when creating a new key.
.It Fl C Ar comment
Provides the new comment.
.It Fl N Ar new_passphrase
Provides the new passphrase.
.It Fl P Ar passphrase
Provides the (old) passphrase.
.It Fl R
If RSA support is functional, immediately exits with code 0.  If RSA
support is not functional, exits with code 1.  This flag will be
removed once the RSA patent expires.
.It Fl x
This option will read a private
OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
.It Fl X
This option will read a unencrypted
SSH2-compatible private (or public) key file and
print an OpenSSH compatible private (or public) key to stdout.
.It Fl y
This option will read a private
OpenSSH DSA format file and print an OpenSSH DSA public key to stdout.
.El
.Sh FILES
.Bl -tag -width Ds
.It Pa $HOME/.ssh/identity
Contains the RSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/identity.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys
on all machines
where you wish to log in using RSA authentication.
There is no need to keep the contents of this file secret.
.It Pa $HOME/.ssh/id_dsa
Contains the DSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/id_dsa.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys2
on all machines
where you wish to log in using DSA authentication.
There is no need to keep the contents of this file secret.
.El
.Sh AUTHOR
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
removed and newer features re-added.
Rapidly after the 1.2.12 release,
newer versions bore successively more restrictive licenses.
This version of OpenSSH
.Bl -bullet
.It
has all components of a restrictive nature (i.e., patents, see
.Xr crypto 3 )
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
contains added support for
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr sshd 8 ,
.Xr crypto 3
Commit	Line	Data
bf740959	1	.\" -- nroff --
bf740959	2	.\"
bf740959	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
bf740959	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	5	.\" All rights reserved
	6	.\"
bcbf86ec	7	.\" As far as I am concerned, the code I have written for this software
	8	.\" can be used freely for any purpose. Any derived versions of this
	9	.\" software must be clearly marked as such, and if the derived work is
	10	.\" incompatible with the protocol description in the RFC file, it must be
	11	.\" called by a name other than "ssh" or "Secure Shell".
	12	.\"
	13	.\"
	14	.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
	15	.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
	16	.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
	17	.\"
	18	.\" Redistribution and use in source and binary forms, with or without
	19	.\" modification, are permitted provided that the following conditions
	20	.\" are met:
	21	.\" 1. Redistributions of source code must retain the above copyright
	22	.\" notice, this list of conditions and the following disclaimer.
	23	.\" 2. Redistributions in binary form must reproduce the above copyright
	24	.\" notice, this list of conditions and the following disclaimer in the
	25	.\" documentation and/or other materials provided with the distribution.
bf740959	26	.\"
bcbf86ec	27	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	28	.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	29	.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	30	.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	31	.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	32	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	33	.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	34	.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
bf740959	37	.\"
	38	.Dd September 25, 1999
	39	.Dt SSH-KEYGEN 1
	40	.Os
	41	.Sh NAME
	42	.Nm ssh-keygen
	43	.Nd authentication key generation
	44	.Sh SYNOPSIS
	45	.Nm ssh-keygen
1d1ffb87	46	.Op Fl dq
bf740959	47	.Op Fl b Ar bits
	48	.Op Fl N Ar new_passphrase
	49	.Op Fl C Ar comment
7cd3766c	50	.Op Fl f Ar output_keyfile
bf740959	51	.Nm ssh-keygen
	52	.Fl p
	53	.Op Fl P Ar old_passphrase
	54	.Op Fl N Ar new_passphrase
f095fcc7	55	.Op Fl f Ar keyfile
bf740959	56	.Nm ssh-keygen
1d1ffb87	57	.Fl x
7cd3766c	58	.Op Fl f Ar input_keyfile
1d1ffb87	59	.Nm ssh-keygen
1d1ffb87	60	.Fl X
7cd3766c	61	.Op Fl f Ar input_keyfile
1d1ffb87	62	.Nm ssh-keygen
1d1ffb87	63	.Fl y
7cd3766c	64	.Op Fl f Ar input_keyfile
1d1ffb87	65	.Nm ssh-keygen
bf740959	66	.Fl c
	67	.Op Fl P Ar passphrase
	68	.Op Fl C Ar comment
f095fcc7	69	.Op Fl f Ar keyfile
	70	.Nm ssh-keygen
	71	.Fl l
7cd3766c	72	.Op Fl f Ar input_keyfile
a306f2dd	73	.Nm ssh-keygen
a306f2dd	74	.Fl R
f54651ce	75	.Sh DESCRIPTION
bf740959	76	.Nm
f54651ce	77	generates and manages authentication keys for
bf740959	78	.Xr ssh 1 .
1d1ffb87	79	.Nm
	80	defaults to generating an RSA key for use by protocols 1.3 and 1.5;
	81	specifying the
	82	.Fl d
	83	flag will create a DSA key instead for use by protocol 2.0.
	84	.Pp
bf740959	85	Normally each user wishing to use SSH
1d1ffb87	86	with RSA or DSA authentication runs this once to create the authentication
bf740959	87	key in
1d1ffb87	88	.Pa $HOME/.ssh/identity
	89	or
	90	.Pa $HOME/.ssh/id_dsa .
	91	Additionally, the system administrator may use this to generate host keys,
	92	as seen in
	93	.Pa /etc/rc .
bf740959	94	.Pp
bf740959	95	Normally this program generates the key and asks for a file in which
4fe2af09	96	to store the private key.
4fe2af09	97	The public key is stored in a file with the same name but
bf740959	98	.Dq .pub
4fe2af09	99	appended.
	100	The program also asks for a passphrase.
	101	The passphrase may be empty to indicate no passphrase
bf740959	102	(host keys must have empty passphrase), or it may be a string of
4fe2af09	103	arbitrary length.
4fe2af09	104	Good passphrases are 10-30 characters long and are
bf740959	105	not simple sentences or otherwise easily guessable (English
bf740959	106	prose has only 1-2 bits of entropy per word, and provides very bad
4fe2af09	107	passphrases).
4fe2af09	108	The passphrase can be changed later by using the
bf740959	109	.Fl p
	110	option.
	111	.Pp
4fe2af09	112	There is no way to recover a lost passphrase.
4fe2af09	113	If the passphrase is
bf740959	114	lost or forgotten, you will have to generate a new key and copy the
	115	corresponding public key to other machines.
	116	.Pp
1d1ffb87	117	For RSA, there is also a comment field in the key file that is only for
4fe2af09	118	convenience to the user to help identify the key.
	119	The comment can tell what the key is for, or whatever is useful.
	120	The comment is initialized to
bf740959	121	.Dq user@host
	122	when the key is created, but can be changed using the
	123	.Fl c
	124	option.
	125	.Pp
1d1ffb87	126	After a key is generated, instructions below detail where the keys
	127	should be placed to be activated.
	128	.Pp
bf740959	129	The options are as follows:
	130	.Bl -tag -width Ds
	131	.It Fl b Ar bits
4fe2af09	132	Specifies the number of bits in the key to create.
	133	Minimum is 512 bits.
	134	Generally 1024 bits is considered sufficient, and key sizes
	135	above that no longer improve security but make things slower.
	136	The default is 1024 bits.
bf740959	137	.It Fl c
	138	Requests changing the comment in the private and public key files.
	139	The program will prompt for the file containing the private keys, for
	140	passphrase if the key has one, and for the new comment.
f095fcc7	141	.It Fl f
	142	Specifies the filename of the key file.
	143	.It Fl l
	144	Show fingerprint of specified private or public key file.
bf740959	145	.It Fl p
bf740959	146	Requests changing the passphrase of a private key file instead of
4fe2af09	147	creating a new private key.
4fe2af09	148	The program will prompt for the file
bf740959	149	containing the private key, for the old passphrase, and twice for the
	150	new passphrase.
	151	.It Fl q
	152	Silence
	153	.Nm ssh-keygen .
	154	Used by
	155	.Pa /etc/rc
	156	when creating a new key.
	157	.It Fl C Ar comment
	158	Provides the new comment.
	159	.It Fl N Ar new_passphrase
	160	Provides the new passphrase.
	161	.It Fl P Ar passphrase
	162	Provides the (old) passphrase.
a306f2dd	163	.It Fl R
	164	If RSA support is functional, immediately exits with code 0. If RSA
	165	support is not functional, exits with code 1. This flag will be
	166	removed once the RSA patent expires.
1d1ffb87	167	.It Fl x
1d1ffb87	168	This option will read a private
d0c832f3	169	OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
1d1ffb87	170	.It Fl X
94ec8c6b	171	This option will read a unencrypted
	172	SSH2-compatible private (or public) key file and
	173	print an OpenSSH compatible private (or public) key to stdout.
1d1ffb87	174	.It Fl y
1d1ffb87	175	This option will read a private
d0c832f3	176	OpenSSH DSA format file and print an OpenSSH DSA public key to stdout.
bf740959	177	.El
	178	.Sh FILES
	179	.Bl -tag -width Ds
bf740959	180	.It Pa $HOME/.ssh/identity
4fe2af09	181	Contains the RSA authentication identity of the user.
	182	This file should not be readable by anyone but the user.
	183	It is possible to
bf740959	184	specify a passphrase when generating the key; that passphrase will be
4fe2af09	185	used to encrypt the private part of this file using 3DES.
4fe2af09	186	This file is not automatically accessed by
bf740959	187	.Nm
bf740959	188	but it is offered as the default file for the private key.
1d1ffb87	189	.Xr sshd 8
1d1ffb87	190	will read this file when a login attempt is made.
bf740959	191	.It Pa $HOME/.ssh/identity.pub
4fe2af09	192	Contains the public key for authentication.
4fe2af09	193	The contents of this file should be added to
bf740959	194	.Pa $HOME/.ssh/authorized_keys
bf740959	195	on all machines
4fe2af09	196	where you wish to log in using RSA authentication.
4fe2af09	197	There is no need to keep the contents of this file secret.
1d1ffb87	198	.It Pa $HOME/.ssh/id_dsa
	199	Contains the DSA authentication identity of the user.
	200	This file should not be readable by anyone but the user.
	201	It is possible to
	202	specify a passphrase when generating the key; that passphrase will be
	203	used to encrypt the private part of this file using 3DES.
	204	This file is not automatically accessed by
	205	.Nm
	206	but it is offered as the default file for the private key.
	207	.Xr sshd 8
	208	will read this file when a login attempt is made.
	209	.It Pa $HOME/.ssh/id_dsa.pub
	210	Contains the public key for authentication.
	211	The contents of this file should be added to
	212	.Pa $HOME/.ssh/authorized_keys2
	213	on all machines
	214	where you wish to log in using DSA authentication.
	215	There is no need to keep the contents of this file secret.
089fbbd2	216	.El
bf740959	217	.Sh AUTHOR
	218	Tatu Ylonen <ylo@cs.hut.fi>
	219	.Pp
	220	OpenSSH
	221	is a derivative of the original (free) ssh 1.2.12 release, but with bugs
4fe2af09	222	removed and newer features re-added.
	223	Rapidly after the 1.2.12 release,
	224	newer versions bore successively more restrictive licenses.
	225	This version of OpenSSH
bf740959	226	.Bl -bullet
bf740959	227	.It
bcbf86ec	228	has all components of a restrictive nature (i.e., patents, see
bcbf86ec	229	.Xr crypto 3 )
bf740959	230	directly removed from the source code; any licensed or patented components
	231	are chosen from
	232	external libraries.
	233	.It
	234	has been updated to support ssh protocol 1.5.
	235	.It
f54651ce	236	contains added support for
bf740959	237	.Xr kerberos 8
	238	authentication and ticket passing.
	239	.It
	240	supports one-time password authentication with
	241	.Xr skey 1 .
	242	.El
bf740959	243	.Sh SEE ALSO
	244	.Xr ssh 1 ,
	245	.Xr ssh-add 1 ,
0c372277	246	.Xr ssh-agent 1 ,
bf740959	247	.Xr sshd 8 ,
bcbf86ec	248	.Xr crypto 3