[openssh.git] / ssh-keygen.1

.\"  -*- nroff -*-
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose.  Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 25, 1999
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
.Nm ssh-keygen
.Nd authentication key generation
.Sh SYNOPSIS
.Nm ssh-keygen
.Op Fl q
.Op Fl b Ar bits
.Op Fl t Ar type
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
.Nm ssh-keygen
.Fl p
.Op Fl P Ar old_passphrase
.Op Fl N Ar new_passphrase
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl x
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl X
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl y
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl c
.Op Fl P Ar passphrase
.Op Fl C Ar comment
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl l
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl R
.Sh DESCRIPTION
.Nm
generates and manages authentication keys for
.Xr ssh 1 .
.Nm
defaults to generating an RSA key for use by protocols 1.3 and 1.5;
specifying the
.Fl t
option allows you to create a key for use by protocol 2.0.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
key in
.Pa $HOME/.ssh/identity
or
.Pa $HOME/.ssh/id_dsa .
Additionally, the system administrator may use this to generate host keys,
as seen in
.Pa /etc/rc .
.Pp
Normally this program generates the key and asks for a file in which
to store the private key.
The public key is stored in a file with the same name but
.Dq .pub
appended.
The program also asks for a passphrase.
The passphrase may be empty to indicate no passphrase
(host keys must have an empty passphrase), or it may be a string of
arbitrary length.
Good passphrases are 10-30 characters long and are
not simple sentences or otherwise easily guessable (English
prose has only 1-2 bits of entropy per word, and provides very bad
passphrases).
The passphrase can be changed later by using the
.Fl p
option.
.Pp
There is no way to recover a lost passphrase.
If the passphrase is
lost or forgotten, you will have to generate a new key and copy the
corresponding public key to other machines.
.Pp
For RSA, there is also a comment field in the key file that is only for
convenience to the user to help identify the key.
The comment can tell what the key is for, or whatever is useful.
The comment is initialized to
.Dq user@host
when the key is created, but can be changed using the
.Fl c
option.
.Pp
After a key is generated, instructions below detail where the keys
should be placed to be activated.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl b Ar bits
Specifies the number of bits in the key to create.
Minimum is 512 bits.
Generally 1024 bits is considered sufficient, and key sizes
above that no longer improve security but make things slower.
The default is 1024 bits.
.It Fl c
Requests changing the comment in the private and public key files.
The program will prompt for the file containing the private keys, for
passphrase if the key has one, and for the new comment.
.It Fl f
Specifies the filename of the key file.
.It Fl l
Show fingerprint of specified private or public key file.
.It Fl p
Requests changing the passphrase of a private key file instead of
creating a new private key.
The program will prompt for the file
containing the private key, for the old passphrase, and twice for the
new passphrase.
.It Fl q
Silence
.Nm ssh-keygen .
Used by
.Pa /etc/rc
when creating a new key.
.It Fl t Ar type
Specifies the type of the key to create.
The possible values are
.Dq rsa1
for protocol version 1 and
.Dq rsa
or
.Dq dsa
for protocol version 2.
The default is
.Dq rsa .
.It Fl C Ar comment
Provides the new comment.
.It Fl N Ar new_passphrase
Provides the new passphrase.
.It Fl P Ar passphrase
Provides the (old) passphrase.
.It Fl R
If RSA support is functional, immediately exits with code 0.  If RSA
support is not functional, exits with code 1.  This flag will be
removed once the RSA patent expires.
.It Fl x
This option will read a private
OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
.It Fl X
This option will read a unencrypted
SSH2-compatible private (or public) key file and
print an OpenSSH compatible private (or public) key to stdout.
.It Fl y
This option will read a private
OpenSSH format file and print an OpenSSH public key to stdout.
.El
.Sh FILES
.Bl -tag -width Ds
.It Pa $HOME/.ssh/identity
Contains the RSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/identity.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys
on all machines
where you wish to log in using RSA authentication.
There is no need to keep the contents of this file secret.
.It Pa $HOME/.ssh/id_dsa
Contains the DSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/id_dsa.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys2
on all machines
where you wish to log in using public key authentication.
There is no need to keep the contents of this file secret.
.El
.Sh AUTHORS
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
removed and newer features re-added.
Rapidly after the 1.2.12 release,
newer versions bore successively more restrictive licenses.
This version of OpenSSH
.Bl -bullet
.It
has all components of a restrictive nature (i.e., patents, see
.Xr crypto 3 )
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
contains added support for
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr sshd 8 ,
.Xr crypto 3
Commit	Line	Data
bf740959	1	.\" -- nroff --
bf740959	2	.\"
bf740959	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
bf740959	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	5	.\" All rights reserved
	6	.\"
bcbf86ec	7	.\" As far as I am concerned, the code I have written for this software
	8	.\" can be used freely for any purpose. Any derived versions of this
	9	.\" software must be clearly marked as such, and if the derived work is
	10	.\" incompatible with the protocol description in the RFC file, it must be
	11	.\" called by a name other than "ssh" or "Secure Shell".
	12	.\"
	13	.\"
	14	.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
	15	.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
	16	.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
	17	.\"
	18	.\" Redistribution and use in source and binary forms, with or without
	19	.\" modification, are permitted provided that the following conditions
	20	.\" are met:
	21	.\" 1. Redistributions of source code must retain the above copyright
	22	.\" notice, this list of conditions and the following disclaimer.
	23	.\" 2. Redistributions in binary form must reproduce the above copyright
	24	.\" notice, this list of conditions and the following disclaimer in the
	25	.\" documentation and/or other materials provided with the distribution.
bf740959	26	.\"
bcbf86ec	27	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	28	.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	29	.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	30	.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	31	.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	32	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	33	.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	34	.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
bf740959	37	.\"
	38	.Dd September 25, 1999
	39	.Dt SSH-KEYGEN 1
	40	.Os
	41	.Sh NAME
	42	.Nm ssh-keygen
	43	.Nd authentication key generation
	44	.Sh SYNOPSIS
	45	.Nm ssh-keygen
fa08c86b	46	.Op Fl q
bf740959	47	.Op Fl b Ar bits
fa08c86b	48	.Op Fl t Ar type
bf740959	49	.Op Fl N Ar new_passphrase
bf740959	50	.Op Fl C Ar comment
7cd3766c	51	.Op Fl f Ar output_keyfile
bf740959	52	.Nm ssh-keygen
	53	.Fl p
	54	.Op Fl P Ar old_passphrase
	55	.Op Fl N Ar new_passphrase
f095fcc7	56	.Op Fl f Ar keyfile
bf740959	57	.Nm ssh-keygen
1d1ffb87	58	.Fl x
7cd3766c	59	.Op Fl f Ar input_keyfile
1d1ffb87	60	.Nm ssh-keygen
1d1ffb87	61	.Fl X
7cd3766c	62	.Op Fl f Ar input_keyfile
1d1ffb87	63	.Nm ssh-keygen
1d1ffb87	64	.Fl y
7cd3766c	65	.Op Fl f Ar input_keyfile
1d1ffb87	66	.Nm ssh-keygen
bf740959	67	.Fl c
	68	.Op Fl P Ar passphrase
	69	.Op Fl C Ar comment
f095fcc7	70	.Op Fl f Ar keyfile
	71	.Nm ssh-keygen
	72	.Fl l
7cd3766c	73	.Op Fl f Ar input_keyfile
a306f2dd	74	.Nm ssh-keygen
a306f2dd	75	.Fl R
f54651ce	76	.Sh DESCRIPTION
bf740959	77	.Nm
f54651ce	78	generates and manages authentication keys for
bf740959	79	.Xr ssh 1 .
1d1ffb87	80	.Nm
	81	defaults to generating an RSA key for use by protocols 1.3 and 1.5;
	82	specifying the
fa08c86b	83	.Fl t
b5c334cc	84	option allows you to create a key for use by protocol 2.0.
1d1ffb87	85	.Pp
bf740959	86	Normally each user wishing to use SSH
1d1ffb87	87	with RSA or DSA authentication runs this once to create the authentication
bf740959	88	key in
1d1ffb87	89	.Pa $HOME/.ssh/identity
	90	or
	91	.Pa $HOME/.ssh/id_dsa .
	92	Additionally, the system administrator may use this to generate host keys,
	93	as seen in
	94	.Pa /etc/rc .
bf740959	95	.Pp
bf740959	96	Normally this program generates the key and asks for a file in which
4fe2af09	97	to store the private key.
4fe2af09	98	The public key is stored in a file with the same name but
bf740959	99	.Dq .pub
4fe2af09	100	appended.
	101	The program also asks for a passphrase.
	102	The passphrase may be empty to indicate no passphrase
b5c334cc	103	(host keys must have an empty passphrase), or it may be a string of
4fe2af09	104	arbitrary length.
4fe2af09	105	Good passphrases are 10-30 characters long and are
bf740959	106	not simple sentences or otherwise easily guessable (English
bf740959	107	prose has only 1-2 bits of entropy per word, and provides very bad
4fe2af09	108	passphrases).
4fe2af09	109	The passphrase can be changed later by using the
bf740959	110	.Fl p
	111	option.
	112	.Pp
4fe2af09	113	There is no way to recover a lost passphrase.
4fe2af09	114	If the passphrase is
bf740959	115	lost or forgotten, you will have to generate a new key and copy the
	116	corresponding public key to other machines.
	117	.Pp
1d1ffb87	118	For RSA, there is also a comment field in the key file that is only for
4fe2af09	119	convenience to the user to help identify the key.
	120	The comment can tell what the key is for, or whatever is useful.
	121	The comment is initialized to
bf740959	122	.Dq user@host
	123	when the key is created, but can be changed using the
	124	.Fl c
	125	option.
	126	.Pp
1d1ffb87	127	After a key is generated, instructions below detail where the keys
	128	should be placed to be activated.
	129	.Pp
bf740959	130	The options are as follows:
	131	.Bl -tag -width Ds
	132	.It Fl b Ar bits
4fe2af09	133	Specifies the number of bits in the key to create.
	134	Minimum is 512 bits.
	135	Generally 1024 bits is considered sufficient, and key sizes
	136	above that no longer improve security but make things slower.
	137	The default is 1024 bits.
bf740959	138	.It Fl c
	139	Requests changing the comment in the private and public key files.
	140	The program will prompt for the file containing the private keys, for
	141	passphrase if the key has one, and for the new comment.
f095fcc7	142	.It Fl f
	143	Specifies the filename of the key file.
	144	.It Fl l
	145	Show fingerprint of specified private or public key file.
bf740959	146	.It Fl p
bf740959	147	Requests changing the passphrase of a private key file instead of
4fe2af09	148	creating a new private key.
4fe2af09	149	The program will prompt for the file
bf740959	150	containing the private key, for the old passphrase, and twice for the
	151	new passphrase.
	152	.It Fl q
	153	Silence
	154	.Nm ssh-keygen .
	155	Used by
	156	.Pa /etc/rc
	157	when creating a new key.
fa08c86b	158	.It Fl t Ar type
	159	Specifies the type of the key to create.
	160	The possible values are
	161	.Dq rsa1
	162	for protocol version 1 and
	163	.Dq rsa
	164	or
	165	.Dq dsa
	166	for protocol version 2.
	167	The default is
	168	.Dq rsa .
bf740959	169	.It Fl C Ar comment
	170	Provides the new comment.
	171	.It Fl N Ar new_passphrase
	172	Provides the new passphrase.
	173	.It Fl P Ar passphrase
	174	Provides the (old) passphrase.
a306f2dd	175	.It Fl R
	176	If RSA support is functional, immediately exits with code 0. If RSA
	177	support is not functional, exits with code 1. This flag will be
	178	removed once the RSA patent expires.
1d1ffb87	179	.It Fl x
1d1ffb87	180	This option will read a private
d0c832f3	181	OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
1d1ffb87	182	.It Fl X
94ec8c6b	183	This option will read a unencrypted
	184	SSH2-compatible private (or public) key file and
	185	print an OpenSSH compatible private (or public) key to stdout.
1d1ffb87	186	.It Fl y
1d1ffb87	187	This option will read a private
fa08c86b	188	OpenSSH format file and print an OpenSSH public key to stdout.
bf740959	189	.El
	190	.Sh FILES
	191	.Bl -tag -width Ds
bf740959	192	.It Pa $HOME/.ssh/identity
4fe2af09	193	Contains the RSA authentication identity of the user.
	194	This file should not be readable by anyone but the user.
	195	It is possible to
bf740959	196	specify a passphrase when generating the key; that passphrase will be
4fe2af09	197	used to encrypt the private part of this file using 3DES.
4fe2af09	198	This file is not automatically accessed by
bf740959	199	.Nm
bf740959	200	but it is offered as the default file for the private key.
1d1ffb87	201	.Xr sshd 8
1d1ffb87	202	will read this file when a login attempt is made.
bf740959	203	.It Pa $HOME/.ssh/identity.pub
4fe2af09	204	Contains the public key for authentication.
4fe2af09	205	The contents of this file should be added to
bf740959	206	.Pa $HOME/.ssh/authorized_keys
bf740959	207	on all machines
4fe2af09	208	where you wish to log in using RSA authentication.
4fe2af09	209	There is no need to keep the contents of this file secret.
1d1ffb87	210	.It Pa $HOME/.ssh/id_dsa
	211	Contains the DSA authentication identity of the user.
	212	This file should not be readable by anyone but the user.
	213	It is possible to
	214	specify a passphrase when generating the key; that passphrase will be
	215	used to encrypt the private part of this file using 3DES.
	216	This file is not automatically accessed by
	217	.Nm
	218	but it is offered as the default file for the private key.
	219	.Xr sshd 8
	220	will read this file when a login attempt is made.
	221	.It Pa $HOME/.ssh/id_dsa.pub
	222	Contains the public key for authentication.
	223	The contents of this file should be added to
	224	.Pa $HOME/.ssh/authorized_keys2
	225	on all machines
fa08c86b	226	where you wish to log in using public key authentication.
1d1ffb87	227	There is no need to keep the contents of this file secret.
089fbbd2	228	.El
fa08c86b	229	.Sh AUTHORS
bf740959	230	Tatu Ylonen <ylo@cs.hut.fi>
	231	.Pp
	232	OpenSSH
	233	is a derivative of the original (free) ssh 1.2.12 release, but with bugs
4fe2af09	234	removed and newer features re-added.
	235	Rapidly after the 1.2.12 release,
	236	newer versions bore successively more restrictive licenses.
	237	This version of OpenSSH
bf740959	238	.Bl -bullet
bf740959	239	.It
bcbf86ec	240	has all components of a restrictive nature (i.e., patents, see
bcbf86ec	241	.Xr crypto 3 )
bf740959	242	directly removed from the source code; any licensed or patented components
	243	are chosen from
	244	external libraries.
	245	.It
	246	has been updated to support ssh protocol 1.5.
	247	.It
f54651ce	248	contains added support for
bf740959	249	.Xr kerberos 8
	250	authentication and ticket passing.
	251	.It
	252	supports one-time password authentication with
	253	.Xr skey 1 .
	254	.El
bf740959	255	.Sh SEE ALSO
	256	.Xr ssh 1 ,
	257	.Xr ssh-add 1 ,
0c372277	258	.Xr ssh-agent 1 ,
bf740959	259	.Xr sshd 8 ,
bcbf86ec	260	.Xr crypto 3