The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

ssh-keygen1 (1)
  • >> ssh-keygen1 (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  • 
    NAME
         ssh-keygen - authentication key pair generation
    
    
    SYNOPSIS
         ssh-keygen    [-b bits]    [-f file]     [-N new_passphrase]
         [-C comment]
    
         ssh-keygen -p [-P old_passphrase] [-N new_passphrase]
    
         ssh-keygen -c [-P passphrase] [-C comment]
    
         ssh-keygen -u [-f file] [-P passphrase]
    
    
    DESCRIPTION
         Ssh-keygen generates and  manages  authentication  keys  for
         ssh(1).   Normally  each  user  wishing  to use ssh with RSA
         authentication runs this once to create  the  authentication
         key   in   $HOME/.ssh/identity.   Additionally,  the  system
         administrator may use this to generate host keys.
    
         Normally this program generates the key and asks for a  file
         in which to store the private key.  The public key is stored
         in a file with the same name but ".pub" appended.  The  pro-
         gram  also  asks  for  a  passphrase.  The passphrase may be
         empty to indicate no passphrase (host keys must  have  empty
         passphrase),  or  it  may  be  a string of arbitrary length.
         Good passphrases are 10-30 characters long and are not  sim-
         ple  sentences  or otherwise easily guessable (English prose
         has only 1-2 bits of entropy per word, and provides very bad
         passphrases).   The passphrase can be changed later by using
         the -p option.
    
         There is no way  to  recover  a  lost  passphrase.   If  the
         passphrase is lost or forgotten, you will have to generate a
         new key and copy  the  corresponding  public  key  to  other
         machines.
    
         USING GOOD, UNGUESSABLE PASSPHRASES IS STRONGLY RECOMMENDED.
         EMPTY  PASSPHRASES  SHOULD NOT BE USED UNLESS YOU UNDERSTAND
         WHAT YOU ARE DOING.
    
         There is also a comment field in the key file that  is  only
         for  convenience  to the user to help identify the key.  The
         comment can tell what the key is for, or whatever is useful.
         The  comment  is  initialized  to  user@host when the key is
         created, but can be changed using the -c option.
    
         The cipher to be used when encrypting keys with a passphrase
         is  defined in ssh.h. Using the -u option, keys encrypted in
         any supported cipher can be  updated  to  use  this  default
         cipher.
    
    
    OPTIONS
         -b bits
               Specifies the number of bits in  the  key  to  create.
               Minimum  is  512  bits.   Generally  1024 bits is con-
               sidered sufficient, and key sizes above that no longer
               improve  security but make things slower.  The default
               is 1024 bits.
    
         -c    Requests changing the comment in the private and  pub-
               lic  key  files.  The program will prompt for the file
               containing the private keys, for passphrase if the key
               has one, and for the new comment.
    
         -f    Specifies the file name in  which  to  load/store  the
               key.
    
         -p    Requests changing the passphrase of a private key file
               instead  of  creating  a new private key.  The program
               will prompt for the file containing the  private  key,
               for   the  old  passphrase,  and  twice  for  the  new
               passphrase.
    
         -u    Requests that the  key's  cipher  is  changed  to  the
               current  default  cipher (determined at compile-time -
               currently 3DES).
    
         -C    Provides the new comment.
    
         -N    Provides the new passphrase.
    
         -P    Provides the (old) passphrase.
    
    
    FILES
         $HOME/.ssh/random_seed
               Used for seeding the random  number  generator.   This
               file  should  not  be readable by anyone but the user.
               This file is created the first  time  the  program  is
               run, and is updated every time.
    
         $HOME/.ssh/identity
               Contains the RSA authentication identity of the  user.
               This  file  should  not  be readable by anyone but the
               user.  It is possible to  specify  a  passphrase  when
               generating  the  key;  that passphrase will be used to
               encrypt the private part  of  this  file  using  3DES.
               This file is not automatically accessed by ssh-keygen,
               but it is offered as the default file for the  private
               key.
    
         $HOME/.ssh/identity.pub
               Contains the public key for authentication.  The  con-
               tents    of    this    file   should   be   added   to
               $$HHOOMMEE//..sssshh//aauutthhoorriizzeedd_kkeeyyss on all machines  where  you
               wish  to log in using RSA authentication.  There is no
               need to keep the contents of this file secret.
    
    
    AUTHOR
         Tatu Ylonen <ylo@ssh.fi>
    
    
    SEE ALSO
         ssh(1), sshd(8), ssh-agent(1), ssh-add(1)
    
    
    
    


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру