[openssh.git] / ssh-keygen.1

.\"  -*- nroff -*-
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose.  Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 25, 1999
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
.Nm ssh-keygen
.Nd authentication key generation
.Sh SYNOPSIS
.Nm ssh-keygen
.Op Fl q
.Op Fl b Ar bits
.Op Fl t Ar type
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
.Op Fl f Ar output_keyfile
.Nm ssh-keygen
.Fl p
.Op Fl P Ar old_passphrase
.Op Fl N Ar new_passphrase
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl x
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl X
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl y
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl c
.Op Fl P Ar passphrase
.Op Fl C Ar comment
.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl l
.Op Fl f Ar input_keyfile
.Sh DESCRIPTION
.Nm
generates and manages authentication keys for
.Xr ssh 1 .
.Nm
defaults to generating an RSA key for use by protocols 1.3 and 1.5;
specifying the
.Fl t
option allows you to create a key for use by protocol 2.0.
.Pp
Normally each user wishing to use SSH
with RSA or DSA authentication runs this once to create the authentication
key in
.Pa $HOME/.ssh/identity
or
.Pa $HOME/.ssh/id_dsa .
Additionally, the system administrator may use this to generate host keys,
as seen in
.Pa /etc/rc .
.Pp
Normally this program generates the key and asks for a file in which
to store the private key.
The public key is stored in a file with the same name but
.Dq .pub
appended.
The program also asks for a passphrase.
The passphrase may be empty to indicate no passphrase
(host keys must have an empty passphrase), or it may be a string of
arbitrary length.
Good passphrases are 10-30 characters long and are
not simple sentences or otherwise easily guessable (English
prose has only 1-2 bits of entropy per word, and provides very bad
passphrases).
The passphrase can be changed later by using the
.Fl p
option.
.Pp
There is no way to recover a lost passphrase.
If the passphrase is
lost or forgotten, you will have to generate a new key and copy the
corresponding public key to other machines.
.Pp
For RSA, there is also a comment field in the key file that is only for
convenience to the user to help identify the key.
The comment can tell what the key is for, or whatever is useful.
The comment is initialized to
.Dq user@host
when the key is created, but can be changed using the
.Fl c
option.
.Pp
After a key is generated, instructions below detail where the keys
should be placed to be activated.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl b Ar bits
Specifies the number of bits in the key to create.
Minimum is 512 bits.
Generally 1024 bits is considered sufficient, and key sizes
above that no longer improve security but make things slower.
The default is 1024 bits.
.It Fl c
Requests changing the comment in the private and public key files.
The program will prompt for the file containing the private keys, for
passphrase if the key has one, and for the new comment.
.It Fl f
Specifies the filename of the key file.
.It Fl l
Show fingerprint of specified private or public key file.
.It Fl p
Requests changing the passphrase of a private key file instead of
creating a new private key.
The program will prompt for the file
containing the private key, for the old passphrase, and twice for the
new passphrase.
.It Fl q
Silence
.Nm ssh-keygen .
Used by
.Pa /etc/rc
when creating a new key.
.It Fl t Ar type
Specifies the type of the key to create.
The possible values are
.Dq rsa1
for protocol version 1 and
.Dq rsa
or
.Dq dsa
for protocol version 2.
The default is
.Dq rsa .
.It Fl C Ar comment
Provides the new comment.
.It Fl N Ar new_passphrase
Provides the new passphrase.
.It Fl P Ar passphrase
Provides the (old) passphrase.
.It Fl x
This option will read a private
OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
.It Fl X
This option will read a unencrypted
SSH2-compatible private (or public) key file and
print an OpenSSH compatible private (or public) key to stdout.
.It Fl y
This option will read a private
OpenSSH format file and print an OpenSSH public key to stdout.
.El
.Sh FILES
.Bl -tag -width Ds
.It Pa $HOME/.ssh/identity
Contains the RSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/identity.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys
on all machines
where you wish to log in using RSA authentication.
There is no need to keep the contents of this file secret.
.It Pa $HOME/.ssh/id_dsa
Contains the DSA authentication identity of the user.
This file should not be readable by anyone but the user.
It is possible to
specify a passphrase when generating the key; that passphrase will be
used to encrypt the private part of this file using 3DES.
This file is not automatically accessed by
.Nm
but it is offered as the default file for the private key.
.Xr sshd 8
will read this file when a login attempt is made.
.It Pa $HOME/.ssh/id_dsa.pub
Contains the public key for authentication.
The contents of this file should be added to
.Pa $HOME/.ssh/authorized_keys2
on all machines
where you wish to log in using public key authentication.
There is no need to keep the contents of this file secret.
.El
.Sh AUTHORS
Tatu Ylonen <ylo@cs.hut.fi>
.Pp
OpenSSH
is a derivative of the original (free) ssh 1.2.12 release, but with bugs
removed and newer features re-added.
Rapidly after the 1.2.12 release,
newer versions bore successively more restrictive licenses.
This version of OpenSSH
.Bl -bullet
.It
has all components of a restrictive nature (i.e., patents, see
.Xr crypto 3 )
directly removed from the source code; any licensed or patented components
are chosen from
external libraries.
.It
has been updated to support ssh protocol 1.5.
.It
contains added support for
.Xr kerberos 8
authentication and ticket passing.
.It
supports one-time password authentication with
.Xr skey 1 .
.El
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr sshd 8 ,
.Xr crypto 3
Commit	Line	Data
bf740959	1	.\" -- nroff --
bf740959	2	.\"
bf740959	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
bf740959	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	5	.\" All rights reserved
	6	.\"
bcbf86ec	7	.\" As far as I am concerned, the code I have written for this software
	8	.\" can be used freely for any purpose. Any derived versions of this
	9	.\" software must be clearly marked as such, and if the derived work is
	10	.\" incompatible with the protocol description in the RFC file, it must be
	11	.\" called by a name other than "ssh" or "Secure Shell".
	12	.\"
	13	.\"
	14	.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
	15	.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
	16	.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
	17	.\"
	18	.\" Redistribution and use in source and binary forms, with or without
	19	.\" modification, are permitted provided that the following conditions
	20	.\" are met:
	21	.\" 1. Redistributions of source code must retain the above copyright
	22	.\" notice, this list of conditions and the following disclaimer.
	23	.\" 2. Redistributions in binary form must reproduce the above copyright
	24	.\" notice, this list of conditions and the following disclaimer in the
	25	.\" documentation and/or other materials provided with the distribution.
bf740959	26	.\"
bcbf86ec	27	.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	28	.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	29	.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	30	.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	31	.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	32	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	33	.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	34	.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
bf740959	37	.\"
	38	.Dd September 25, 1999
	39	.Dt SSH-KEYGEN 1
	40	.Os
	41	.Sh NAME
	42	.Nm ssh-keygen
	43	.Nd authentication key generation
	44	.Sh SYNOPSIS
	45	.Nm ssh-keygen
fa08c86b	46	.Op Fl q
bf740959	47	.Op Fl b Ar bits
fa08c86b	48	.Op Fl t Ar type
bf740959	49	.Op Fl N Ar new_passphrase
bf740959	50	.Op Fl C Ar comment
7cd3766c	51	.Op Fl f Ar output_keyfile
bf740959	52	.Nm ssh-keygen
	53	.Fl p
	54	.Op Fl P Ar old_passphrase
	55	.Op Fl N Ar new_passphrase
f095fcc7	56	.Op Fl f Ar keyfile
bf740959	57	.Nm ssh-keygen
1d1ffb87	58	.Fl x
7cd3766c	59	.Op Fl f Ar input_keyfile
1d1ffb87	60	.Nm ssh-keygen
1d1ffb87	61	.Fl X
7cd3766c	62	.Op Fl f Ar input_keyfile
1d1ffb87	63	.Nm ssh-keygen
1d1ffb87	64	.Fl y
7cd3766c	65	.Op Fl f Ar input_keyfile
1d1ffb87	66	.Nm ssh-keygen
bf740959	67	.Fl c
	68	.Op Fl P Ar passphrase
	69	.Op Fl C Ar comment
f095fcc7	70	.Op Fl f Ar keyfile
	71	.Nm ssh-keygen
	72	.Fl l
7cd3766c	73	.Op Fl f Ar input_keyfile
f54651ce	74	.Sh DESCRIPTION
bf740959	75	.Nm
f54651ce	76	generates and manages authentication keys for
bf740959	77	.Xr ssh 1 .
1d1ffb87	78	.Nm
	79	defaults to generating an RSA key for use by protocols 1.3 and 1.5;
	80	specifying the
fa08c86b	81	.Fl t
b5c334cc	82	option allows you to create a key for use by protocol 2.0.
1d1ffb87	83	.Pp
bf740959	84	Normally each user wishing to use SSH
1d1ffb87	85	with RSA or DSA authentication runs this once to create the authentication
bf740959	86	key in
1d1ffb87	87	.Pa $HOME/.ssh/identity
	88	or
	89	.Pa $HOME/.ssh/id_dsa .
	90	Additionally, the system administrator may use this to generate host keys,
	91	as seen in
	92	.Pa /etc/rc .
bf740959	93	.Pp
bf740959	94	Normally this program generates the key and asks for a file in which
4fe2af09	95	to store the private key.
4fe2af09	96	The public key is stored in a file with the same name but
bf740959	97	.Dq .pub
4fe2af09	98	appended.
	99	The program also asks for a passphrase.
	100	The passphrase may be empty to indicate no passphrase
b5c334cc	101	(host keys must have an empty passphrase), or it may be a string of
4fe2af09	102	arbitrary length.
4fe2af09	103	Good passphrases are 10-30 characters long and are
bf740959	104	not simple sentences or otherwise easily guessable (English
bf740959	105	prose has only 1-2 bits of entropy per word, and provides very bad
4fe2af09	106	passphrases).
4fe2af09	107	The passphrase can be changed later by using the
bf740959	108	.Fl p
	109	option.
	110	.Pp
4fe2af09	111	There is no way to recover a lost passphrase.
4fe2af09	112	If the passphrase is
bf740959	113	lost or forgotten, you will have to generate a new key and copy the
	114	corresponding public key to other machines.
	115	.Pp
1d1ffb87	116	For RSA, there is also a comment field in the key file that is only for
4fe2af09	117	convenience to the user to help identify the key.
	118	The comment can tell what the key is for, or whatever is useful.
	119	The comment is initialized to
bf740959	120	.Dq user@host
	121	when the key is created, but can be changed using the
	122	.Fl c
	123	option.
	124	.Pp
1d1ffb87	125	After a key is generated, instructions below detail where the keys
	126	should be placed to be activated.
	127	.Pp
bf740959	128	The options are as follows:
	129	.Bl -tag -width Ds
	130	.It Fl b Ar bits
4fe2af09	131	Specifies the number of bits in the key to create.
	132	Minimum is 512 bits.
	133	Generally 1024 bits is considered sufficient, and key sizes
	134	above that no longer improve security but make things slower.
	135	The default is 1024 bits.
bf740959	136	.It Fl c
	137	Requests changing the comment in the private and public key files.
	138	The program will prompt for the file containing the private keys, for
	139	passphrase if the key has one, and for the new comment.
f095fcc7	140	.It Fl f
	141	Specifies the filename of the key file.
	142	.It Fl l
	143	Show fingerprint of specified private or public key file.
bf740959	144	.It Fl p
bf740959	145	Requests changing the passphrase of a private key file instead of
4fe2af09	146	creating a new private key.
4fe2af09	147	The program will prompt for the file
bf740959	148	containing the private key, for the old passphrase, and twice for the
	149	new passphrase.
	150	.It Fl q
	151	Silence
	152	.Nm ssh-keygen .
	153	Used by
	154	.Pa /etc/rc
	155	when creating a new key.
fa08c86b	156	.It Fl t Ar type
	157	Specifies the type of the key to create.
	158	The possible values are
	159	.Dq rsa1
	160	for protocol version 1 and
	161	.Dq rsa
	162	or
	163	.Dq dsa
	164	for protocol version 2.
	165	The default is
	166	.Dq rsa .
bf740959	167	.It Fl C Ar comment
	168	Provides the new comment.
	169	.It Fl N Ar new_passphrase
	170	Provides the new passphrase.
	171	.It Fl P Ar passphrase
	172	Provides the (old) passphrase.
1d1ffb87	173	.It Fl x
1d1ffb87	174	This option will read a private
d0c832f3	175	OpenSSH DSA format file and print a SSH2-compatible public key to stdout.
1d1ffb87	176	.It Fl X
94ec8c6b	177	This option will read a unencrypted
	178	SSH2-compatible private (or public) key file and
	179	print an OpenSSH compatible private (or public) key to stdout.
1d1ffb87	180	.It Fl y
1d1ffb87	181	This option will read a private
fa08c86b	182	OpenSSH format file and print an OpenSSH public key to stdout.
bf740959	183	.El
	184	.Sh FILES
	185	.Bl -tag -width Ds
bf740959	186	.It Pa $HOME/.ssh/identity
4fe2af09	187	Contains the RSA authentication identity of the user.
	188	This file should not be readable by anyone but the user.
	189	It is possible to
bf740959	190	specify a passphrase when generating the key; that passphrase will be
4fe2af09	191	used to encrypt the private part of this file using 3DES.
4fe2af09	192	This file is not automatically accessed by
bf740959	193	.Nm
bf740959	194	but it is offered as the default file for the private key.
1d1ffb87	195	.Xr sshd 8
1d1ffb87	196	will read this file when a login attempt is made.
bf740959	197	.It Pa $HOME/.ssh/identity.pub
4fe2af09	198	Contains the public key for authentication.
4fe2af09	199	The contents of this file should be added to
bf740959	200	.Pa $HOME/.ssh/authorized_keys
bf740959	201	on all machines
4fe2af09	202	where you wish to log in using RSA authentication.
4fe2af09	203	There is no need to keep the contents of this file secret.
1d1ffb87	204	.It Pa $HOME/.ssh/id_dsa
	205	Contains the DSA authentication identity of the user.
	206	This file should not be readable by anyone but the user.
	207	It is possible to
	208	specify a passphrase when generating the key; that passphrase will be
	209	used to encrypt the private part of this file using 3DES.
	210	This file is not automatically accessed by
	211	.Nm
	212	but it is offered as the default file for the private key.
	213	.Xr sshd 8
	214	will read this file when a login attempt is made.
	215	.It Pa $HOME/.ssh/id_dsa.pub
	216	Contains the public key for authentication.
	217	The contents of this file should be added to
	218	.Pa $HOME/.ssh/authorized_keys2
	219	on all machines
fa08c86b	220	where you wish to log in using public key authentication.
1d1ffb87	221	There is no need to keep the contents of this file secret.
089fbbd2	222	.El
fa08c86b	223	.Sh AUTHORS
bf740959	224	Tatu Ylonen <ylo@cs.hut.fi>
	225	.Pp
	226	OpenSSH
	227	is a derivative of the original (free) ssh 1.2.12 release, but with bugs
4fe2af09	228	removed and newer features re-added.
	229	Rapidly after the 1.2.12 release,
	230	newer versions bore successively more restrictive licenses.
	231	This version of OpenSSH
bf740959	232	.Bl -bullet
bf740959	233	.It
bcbf86ec	234	has all components of a restrictive nature (i.e., patents, see
bcbf86ec	235	.Xr crypto 3 )
bf740959	236	directly removed from the source code; any licensed or patented components
	237	are chosen from
	238	external libraries.
	239	.It
	240	has been updated to support ssh protocol 1.5.
	241	.It
f54651ce	242	contains added support for
bf740959	243	.Xr kerberos 8
	244	authentication and ticket passing.
	245	.It
	246	supports one-time password authentication with
	247	.Xr skey 1 .
	248	.El
bf740959	249	.Sh SEE ALSO
	250	.Xr ssh 1 ,
	251	.Xr ssh-add 1 ,
0c372277	252	.Xr ssh-agent 1 ,
bf740959	253	.Xr sshd 8 ,
bcbf86ec	254	.Xr crypto 3