ssh-keygen2, ssh-keygen - On a Secure Shell server, generates
the host key pair. On a Secure Shell client, generates
the authentication key pair for users who are using
public key authentication.
ssh-keygen2 [-b bits] [-t key_algorithm] [-c comment] [-e
file] [-p passphrase] [-P] [-h | -\?] [-q] [-l file] [-i
file] [-D file] [-B number] [-V] [-r file] [-x file] [-k
file] [-7 file] [-F file] [key1 key2 . . .]
Specifies the length of the key in bits; for example, 1024
bits. The default is 2048. Specifies the algorithm used
in key generation. Supported algorithms are Digital Signature
Algorithm (DSA) and Rivest, Shamir, and Adleman
(RSA). Specifies the key's comment string. Edits the
specified key. Makes the ssh-keygen2 command interactive.
You can change the key's passphrase or comment. Specifies
the passphrase used. Specifies that the key will be saved
with an empty passphrase. Prints a summary of ssh-keygen2
commands. Hides the progress indicator.. Converts the
key from ssh1 format to ssh2 format. Display all information
about a key. Derives the public key from the private
key file. Specifies the number base for displaying key
information. The default is 10. Displays version information.
Adds entropy from a file to the random pool
$HOME/.ssh2/random_seed. If the file contains relatively
random data (i.e., data unpredictable by a potential
attacker), the randomness of the pool is increased. Good
randomness is essential for security of the generated
keys. Converts a private key from X.509 format to SSH2
format. The converted key is written to file_ssh2. This
feature is only available in commercial distributions with
certificate support. Converts a PKCS 12 file to an SSH2
format private key and certificate pair. This feature is
only available in commercial distributions with certificate
support Exports certificates from a PKCS 7 file.
This feature is only available in commercial distributions
with certificate support. Dumps the fingerprint of given
public key. The fingerprint is given in the Bubble Babble
format, which makes the fingerprint look like a string of
On a Secure Shell server, the ssh-keygen2 command generates
and manages the host key pair. On a Secure Shell
client, the ssh-keygen2 command generates the authentication
key pair necessary for public key user authentication.
The system administrator also can use this command
to generate host keys for the sshd2 daemon.
See Security Administration for more information about
Secure Shell host keys and user authentication.
Generating the authentication key pair is only part of the
configuration necessary to use public key user authentication.
Users can use the ssh-pubkeymgr command to configure
public key user authentication, which includes generating
the authentication key pair. The ssh-pubkeymgr command
prompts the user for information necessary to configure
public key user authentication on a Secure Shell client.
Seeds the random number generator. This file should not
be accessible by anyone but the user. This file is created
the first time the program is run and is updated
every time the program is run. Contains the user's private
key. Contains the user's public key. Contains the
private part of the host key. The ssh-keygen2 command
creates this file. This file should only be owned by root,
readable only by root, and not accessible to others. Contains
the public part of the host key. The ssh-keygen2
command creates this file. This file should be readable by
world and writable only by root.
SSH is a registered trademark of SSH Communication Security
Commands: ssh2(1), ssh-add2(1), ssh-agent2(1), ssh-pubkeymgr(1), sshd2(8)
Guides: Security Administration
[ Back ]