blob: 877935053b8771e1d09fdc58d199b69dae7b6f66 [file] [log] [blame]
Darren Tuckeraa4d5ed2007-06-05 18:27:13 +10001.\" $OpenBSD: ssh-keygen.1,v 1.75 2007/05/31 19:20:16 jmc Exp $
Ben Lindstrom36579d32001-01-29 07:39:26 +00002.\"
Damien Miller32aa1441999-10-29 09:15:49 +10003.\" -*- nroff -*-
4.\"
Damien Miller32aa1441999-10-29 09:15:49 +10005.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller32aa1441999-10-29 09:15:49 +10006.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
7.\" All rights reserved
8.\"
Damien Millere4340be2000-09-16 13:29:08 +11009.\" As far as I am concerned, the code I have written for this software
10.\" can be used freely for any purpose. Any derived versions of this
11.\" software must be clearly marked as such, and if the derived work is
12.\" incompatible with the protocol description in the RFC file, it must be
13.\" called by a name other than "ssh" or "Secure Shell".
Damien Miller32aa1441999-10-29 09:15:49 +100014.\"
Damien Millere4340be2000-09-16 13:29:08 +110015.\"
Ben Lindstrom92a2e382001-03-05 06:59:27 +000016.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
17.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
18.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110019.\"
20.\" Redistribution and use in source and binary forms, with or without
21.\" modification, are permitted provided that the following conditions
22.\" are met:
23.\" 1. Redistributions of source code must retain the above copyright
24.\" notice, this list of conditions and the following disclaimer.
25.\" 2. Redistributions in binary form must reproduce the above copyright
26.\" notice, this list of conditions and the following disclaimer in the
27.\" documentation and/or other materials provided with the distribution.
28.\"
29.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
30.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
32.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
33.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
34.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller32aa1441999-10-29 09:15:49 +100039.\"
Darren Tuckeraa4d5ed2007-06-05 18:27:13 +100040.Dd $Mdocdate: May 31 2007 $
Damien Miller32aa1441999-10-29 09:15:49 +100041.Dt SSH-KEYGEN 1
42.Os
43.Sh NAME
44.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000045.Nd authentication key generation, management and conversion
Damien Miller32aa1441999-10-29 09:15:49 +100046.Sh SYNOPSIS
47.Nm ssh-keygen
Damien Miller495dca32003-04-01 21:42:14 +100048.Bk -words
Damien Miller0bc1bd82000-11-13 22:57:25 +110049.Op Fl q
Damien Miller32aa1441999-10-29 09:15:49 +100050.Op Fl b Ar bits
Damien Miller55fafa02002-02-19 15:22:07 +110051.Fl t Ar type
Damien Miller32aa1441999-10-29 09:15:49 +100052.Op Fl N Ar new_passphrase
53.Op Fl C Ar comment
Damien Miller1a425f32000-09-02 10:08:09 +110054.Op Fl f Ar output_keyfile
Damien Miller495dca32003-04-01 21:42:14 +100055.Ek
Damien Miller32aa1441999-10-29 09:15:49 +100056.Nm ssh-keygen
57.Fl p
58.Op Fl P Ar old_passphrase
59.Op Fl N Ar new_passphrase
Damien Miller10f6f6b1999-11-17 17:29:08 +110060.Op Fl f Ar keyfile
Damien Miller32aa1441999-10-29 09:15:49 +100061.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000062.Fl i
Damien Miller1a425f32000-09-02 10:08:09 +110063.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100064.Nm ssh-keygen
Ben Lindstrom5a707822001-04-22 17:15:46 +000065.Fl e
Damien Miller1a425f32000-09-02 10:08:09 +110066.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100067.Nm ssh-keygen
68.Fl y
Damien Miller1a425f32000-09-02 10:08:09 +110069.Op Fl f Ar input_keyfile
Damien Millere247cc42000-05-07 12:03:14 +100070.Nm ssh-keygen
Damien Miller32aa1441999-10-29 09:15:49 +100071.Fl c
72.Op Fl P Ar passphrase
73.Op Fl C Ar comment
Damien Miller10f6f6b1999-11-17 17:29:08 +110074.Op Fl f Ar keyfile
75.Nm ssh-keygen
76.Fl l
Ben Lindstrom8fd372b2001-03-12 03:02:17 +000077.Op Fl f Ar input_keyfile
78.Nm ssh-keygen
79.Fl B
Damien Miller1a425f32000-09-02 10:08:09 +110080.Op Fl f Ar input_keyfile
Ben Lindstroma1ec4a92001-08-06 21:51:34 +000081.Nm ssh-keygen
82.Fl D Ar reader
83.Nm ssh-keygen
Damien Miller4b42d7f2005-03-01 21:48:35 +110084.Fl F Ar hostname
85.Op Fl f Ar known_hosts_file
86.Nm ssh-keygen
87.Fl H
88.Op Fl f Ar known_hosts_file
89.Nm ssh-keygen
90.Fl R Ar hostname
91.Op Fl f Ar known_hosts_file
92.Nm ssh-keygen
Ben Lindstroma1ec4a92001-08-06 21:51:34 +000093.Fl U Ar reader
94.Op Fl f Ar input_keyfile
Damien Miller37876e92003-05-15 10:19:46 +100095.Nm ssh-keygen
96.Fl r Ar hostname
97.Op Fl f Ar input_keyfile
98.Op Fl g
Darren Tucker019cefe2003-08-02 22:40:07 +100099.Nm ssh-keygen
100.Fl G Ar output_file
Darren Tucker06930c72003-12-31 11:34:51 +1100101.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +1000102.Op Fl b Ar bits
103.Op Fl M Ar memory
104.Op Fl S Ar start_point
105.Nm ssh-keygen
106.Fl T Ar output_file
107.Fl f Ar input_file
Darren Tucker06930c72003-12-31 11:34:51 +1100108.Op Fl v
Darren Tucker019cefe2003-08-02 22:40:07 +1000109.Op Fl a Ar num_trials
110.Op Fl W Ar generator
Damien Miller22c77262000-04-13 12:26:34 +1000111.Sh DESCRIPTION
Damien Miller32aa1441999-10-29 09:15:49 +1000112.Nm
Ben Lindstrom5a707822001-04-22 17:15:46 +0000113generates, manages and converts authentication keys for
Damien Miller32aa1441999-10-29 09:15:49 +1000114.Xr ssh 1 .
Damien Millere247cc42000-05-07 12:03:14 +1000115.Nm
Ben Lindstromcb72e4f2002-06-21 00:41:51 +0000116can create RSA keys for use by SSH protocol version 1 and RSA or DSA
Damien Millerfbf486b2003-05-23 18:44:23 +1000117keys for use by SSH protocol version 2.
118The type of key to be generated is specified with the
Damien Miller0bc1bd82000-11-13 22:57:25 +1100119.Fl t
Damien Millera41c8b12002-01-22 23:05:08 +1100120option.
Damien Millerf14be5c2005-11-05 15:15:49 +1100121If invoked without any arguments,
122.Nm
Damien Miller83d0d392005-11-05 15:16:27 +1100123will generate an RSA key for use in SSH protocol 2 connections.
Damien Millere247cc42000-05-07 12:03:14 +1000124.Pp
Darren Tucker019cefe2003-08-02 22:40:07 +1000125.Nm
126is also used to generate groups for use in Diffie-Hellman group
127exchange (DH-GEX).
128See the
129.Sx MODULI GENERATION
130section for details.
131.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000132Normally each user wishing to use SSH
Damien Millere247cc42000-05-07 12:03:14 +1000133with RSA or DSA authentication runs this once to create the authentication
Damien Miller32aa1441999-10-29 09:15:49 +1000134key in
Damien Miller167ea5d2005-05-26 12:04:02 +1000135.Pa ~/.ssh/identity ,
136.Pa ~/.ssh/id_dsa
Damien Millere247cc42000-05-07 12:03:14 +1000137or
Damien Miller167ea5d2005-05-26 12:04:02 +1000138.Pa ~/.ssh/id_rsa .
Damien Millere247cc42000-05-07 12:03:14 +1000139Additionally, the system administrator may use this to generate host keys,
140as seen in
141.Pa /etc/rc .
Damien Miller32aa1441999-10-29 09:15:49 +1000142.Pp
143Normally this program generates the key and asks for a file in which
Damien Miller450a7a12000-03-26 13:04:51 +1000144to store the private key.
145The public key is stored in a file with the same name but
Damien Miller32aa1441999-10-29 09:15:49 +1000146.Dq .pub
Damien Miller450a7a12000-03-26 13:04:51 +1000147appended.
148The program also asks for a passphrase.
149The passphrase may be empty to indicate no passphrase
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000150(host keys must have an empty passphrase), or it may be a string of
Damien Miller450a7a12000-03-26 13:04:51 +1000151arbitrary length.
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000152A passphrase is similar to a password, except it can be a phrase with a
153series of words, punctuation, numbers, whitespace, or any string of
154characters you want.
155Good passphrases are 10-30 characters long, are
Damien Miller32aa1441999-10-29 09:15:49 +1000156not simple sentences or otherwise easily guessable (English
Ben Lindstrom2a097a42001-06-09 01:13:40 +0000157prose has only 1-2 bits of entropy per character, and provides very bad
Ben Lindstrom4e366d52001-12-06 16:43:21 +0000158passphrases), and contain a mix of upper and lowercase letters,
159numbers, and non-alphanumeric characters.
Damien Miller450a7a12000-03-26 13:04:51 +1000160The passphrase can be changed later by using the
Damien Miller32aa1441999-10-29 09:15:49 +1000161.Fl p
162option.
163.Pp
Damien Miller450a7a12000-03-26 13:04:51 +1000164There is no way to recover a lost passphrase.
165If the passphrase is
Ben Lindstrom594e2032001-09-12 18:35:30 +0000166lost or forgotten, a new key must be generated and copied to the
Damien Miller32aa1441999-10-29 09:15:49 +1000167corresponding public key to other machines.
168.Pp
Ben Lindstrom5a707822001-04-22 17:15:46 +0000169For RSA1 keys,
170there is also a comment field in the key file that is only for
Damien Miller450a7a12000-03-26 13:04:51 +1000171convenience to the user to help identify the key.
172The comment can tell what the key is for, or whatever is useful.
173The comment is initialized to
Damien Miller32aa1441999-10-29 09:15:49 +1000174.Dq user@host
175when the key is created, but can be changed using the
176.Fl c
177option.
178.Pp
Damien Millere247cc42000-05-07 12:03:14 +1000179After a key is generated, instructions below detail where the keys
180should be placed to be activated.
181.Pp
Damien Miller32aa1441999-10-29 09:15:49 +1000182The options are as follows:
183.Bl -tag -width Ds
Darren Tucker019cefe2003-08-02 22:40:07 +1000184.It Fl a Ar trials
185Specifies the number of primality tests to perform when screening DH-GEX
186candidates using the
187.Fl T
188command.
Damien Miller265d3092005-03-02 12:05:06 +1100189.It Fl B
190Show the bubblebabble digest of specified private or public key file.
Damien Miller32aa1441999-10-29 09:15:49 +1000191.It Fl b Ar bits
Damien Miller450a7a12000-03-26 13:04:51 +1000192Specifies the number of bits in the key to create.
Darren Tucker9f647332005-11-28 16:41:46 +1100193For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
Damien Millerac7ef6a2005-06-16 13:19:06 +1000194Generally, 2048 bits is considered sufficient.
Darren Tucker9f647332005-11-28 16:41:46 +1100195DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
Damien Miller265d3092005-03-02 12:05:06 +1100196.It Fl C Ar comment
197Provides a new comment.
Damien Miller32aa1441999-10-29 09:15:49 +1000198.It Fl c
199Requests changing the comment in the private and public key files.
Damien Millereb5fec62001-11-12 10:52:44 +1100200This operation is only supported for RSA1 keys.
Damien Miller32aa1441999-10-29 09:15:49 +1000201The program will prompt for the file containing the private keys, for
Ben Lindstromaafff9c2001-05-06 03:01:02 +0000202the passphrase if the key has one, and for the new comment.
Damien Miller265d3092005-03-02 12:05:06 +1100203.It Fl D Ar reader
204Download the RSA public key stored in the smartcard in
205.Ar reader .
Ben Lindstrom5a707822001-04-22 17:15:46 +0000206.It Fl e
Ben Lindstrom46c264f2001-04-24 16:56:58 +0000207This option will read a private or public OpenSSH key file and
Damien Millerc0367fb2007-01-05 16:25:46 +1100208print the key in
209RFC 4716 SSH Public Key File Format
Ben Lindstrom5a707822001-04-22 17:15:46 +0000210to stdout.
211This option allows exporting keys for use by several commercial
212SSH implementations.
Damien Miller265d3092005-03-02 12:05:06 +1100213.It Fl F Ar hostname
214Search for the specified
215.Ar hostname
216in a
217.Pa known_hosts
218file, listing any occurrences found.
219This option is useful to find hashed host names or addresses and may also be
220used in conjunction with the
221.Fl H
222option to print found keys in a hashed format.
223.It Fl f Ar filename
224Specifies the filename of the key file.
225.It Fl G Ar output_file
226Generate candidate primes for DH-GEX.
227These primes must be screened for
228safety (using the
229.Fl T
230option) before use.
Damien Miller37876e92003-05-15 10:19:46 +1000231.It Fl g
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000232Use generic DNS format when printing fingerprint resource records using the
Darren Tucker6e370372004-08-13 21:23:25 +1000233.Fl r
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000234command.
Damien Miller265d3092005-03-02 12:05:06 +1100235.It Fl H
236Hash a
237.Pa known_hosts
Darren Tuckerda1adbc2005-03-14 23:15:58 +1100238file.
239This replaces all hostnames and addresses with hashed representations
240within the specified file; the original content is moved to a file with
241a .old suffix.
Damien Miller265d3092005-03-02 12:05:06 +1100242These hashes may be used normally by
243.Nm ssh
244and
245.Nm sshd ,
246but they do not reveal identifying information should the file's contents
247be disclosed.
248This option will not modify existing hashed hostnames and is therefore safe
249to use on files that mix hashed and non-hashed names.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000250.It Fl i
251This option will read an unencrypted private (or public) key file
252in SSH2-compatible format and print an OpenSSH compatible private
253(or public) key to stdout.
254.Nm
Ben Lindstrom2857d9c2001-04-22 17:19:46 +0000255also reads the
Darren Tucker26dc3e62007-02-19 22:09:06 +1100256RFC 4716 SSH Public Key File Format.
Ben Lindstrom5a707822001-04-22 17:15:46 +0000257This option allows importing keys from several commercial
258SSH implementations.
Damien Miller10f6f6b1999-11-17 17:29:08 +1100259.It Fl l
Damien Millereb5fec62001-11-12 10:52:44 +1100260Show fingerprint of specified public key file.
261Private RSA1 keys are also supported.
262For RSA and DSA keys
263.Nm
264tries to find the matching public key file and prints its fingerprint.
Damien Miller265d3092005-03-02 12:05:06 +1100265.It Fl M Ar memory
266Specify the amount of memory to use (in megabytes) when generating
267candidate moduli for DH-GEX.
268.It Fl N Ar new_passphrase
269Provides the new passphrase.
270.It Fl P Ar passphrase
271Provides the (old) passphrase.
Damien Miller32aa1441999-10-29 09:15:49 +1000272.It Fl p
273Requests changing the passphrase of a private key file instead of
Damien Miller450a7a12000-03-26 13:04:51 +1000274creating a new private key.
275The program will prompt for the file
Damien Miller32aa1441999-10-29 09:15:49 +1000276containing the private key, for the old passphrase, and twice for the
277new passphrase.
278.It Fl q
279Silence
280.Nm ssh-keygen .
281Used by
282.Pa /etc/rc
283when creating a new key.
Damien Miller4b42d7f2005-03-01 21:48:35 +1100284.It Fl R Ar hostname
285Removes all keys belonging to
286.Ar hostname
Damien Miller4c9c6fd2005-03-02 12:03:43 +1100287from a
Damien Miller4b42d7f2005-03-01 21:48:35 +1100288.Pa known_hosts
289file.
Damien Miller4c9c6fd2005-03-02 12:03:43 +1100290This option is useful to delete hashed hosts (see the
Damien Miller4b42d7f2005-03-01 21:48:35 +1100291.Fl H
292option above).
Damien Miller265d3092005-03-02 12:05:06 +1100293.It Fl r Ar hostname
294Print the SSHFP fingerprint resource record named
295.Ar hostname
296for the specified public key file.
Darren Tucker019cefe2003-08-02 22:40:07 +1000297.It Fl S Ar start
298Specify start point (in hex) when generating candidate moduli for DH-GEX.
299.It Fl T Ar output_file
300Test DH group exchange candidate primes (generated using the
301.Fl G
302option) for safety.
Damien Miller265d3092005-03-02 12:05:06 +1100303.It Fl t Ar type
304Specifies the type of key to create.
305The possible values are
306.Dq rsa1
307for protocol version 1 and
308.Dq rsa
309or
310.Dq dsa
311for protocol version 2.
Ben Lindstroma1ec4a92001-08-06 21:51:34 +0000312.It Fl U Ar reader
313Upload an existing RSA private key into the smartcard in
314.Ar reader .
Darren Tucker06930c72003-12-31 11:34:51 +1100315.It Fl v
316Verbose mode.
317Causes
318.Nm
319to print debugging messages about its progress.
320This is helpful for debugging moduli generation.
321Multiple
322.Fl v
323options increase the verbosity.
324The maximum is 3.
Damien Miller265d3092005-03-02 12:05:06 +1100325.It Fl W Ar generator
326Specify desired generator when testing candidate moduli for DH-GEX.
327.It Fl y
328This option will read a private
329OpenSSH format file and print an OpenSSH public key to stdout.
Damien Miller32aa1441999-10-29 09:15:49 +1000330.El
Darren Tucker019cefe2003-08-02 22:40:07 +1000331.Sh MODULI GENERATION
332.Nm
333may be used to generate groups for the Diffie-Hellman Group Exchange
334(DH-GEX) protocol.
335Generating these groups is a two-step process: first, candidate
336primes are generated using a fast, but memory intensive process.
337These candidate primes are then tested for suitability (a CPU-intensive
338process).
339.Pp
340Generation of primes is performed using the
341.Fl G
342option.
343The desired length of the primes may be specified by the
344.Fl b
345option.
346For example:
347.Pp
Damien Miller265d3092005-03-02 12:05:06 +1100348.Dl # ssh-keygen -G moduli-2048.candidates -b 2048
Darren Tucker019cefe2003-08-02 22:40:07 +1000349.Pp
350By default, the search for primes begins at a random point in the
351desired length range.
352This may be overridden using the
353.Fl S
354option, which specifies a different start point (in hex).
355.Pp
356Once a set of candidates have been generated, they must be tested for
357suitability.
358This may be performed using the
359.Fl T
360option.
361In this mode
362.Nm
363will read candidates from standard input (or a file specified using the
364.Fl f
365option).
366For example:
367.Pp
Damien Miller265d3092005-03-02 12:05:06 +1100368.Dl # ssh-keygen -T moduli-2048 -f moduli-2048.candidates
Darren Tucker019cefe2003-08-02 22:40:07 +1000369.Pp
370By default, each candidate will be subjected to 100 primality tests.
371This may be overridden using the
372.Fl a
373option.
374The DH generator value will be chosen automatically for the
375prime under consideration.
376If a specific generator is desired, it may be requested using the
377.Fl W
378option.
Damien Miller265d3092005-03-02 12:05:06 +1100379Valid generator values are 2, 3, and 5.
Darren Tucker019cefe2003-08-02 22:40:07 +1000380.Pp
381Screened DH groups may be installed in
382.Pa /etc/moduli .
383It is important that this file contains moduli of a range of bit lengths and
384that both ends of a connection share common moduli.
Damien Miller32aa1441999-10-29 09:15:49 +1000385.Sh FILES
386.Bl -tag -width Ds
Damien Miller167ea5d2005-05-26 12:04:02 +1000387.It Pa ~/.ssh/identity
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000388Contains the protocol version 1 RSA authentication identity of the user.
Damien Miller450a7a12000-03-26 13:04:51 +1000389This file should not be readable by anyone but the user.
390It is possible to
Damien Miller32aa1441999-10-29 09:15:49 +1000391specify a passphrase when generating the key; that passphrase will be
Damien Miller450a7a12000-03-26 13:04:51 +1000392used to encrypt the private part of this file using 3DES.
393This file is not automatically accessed by
Damien Miller32aa1441999-10-29 09:15:49 +1000394.Nm
395but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000396.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000397will read this file when a login attempt is made.
Damien Miller167ea5d2005-05-26 12:04:02 +1000398.It Pa ~/.ssh/identity.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000399Contains the protocol version 1 RSA public key for authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000400The contents of this file should be added to
Damien Miller167ea5d2005-05-26 12:04:02 +1000401.Pa ~/.ssh/authorized_keys
Damien Miller32aa1441999-10-29 09:15:49 +1000402on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000403where the user wishes to log in using RSA authentication.
Damien Miller450a7a12000-03-26 13:04:51 +1000404There is no need to keep the contents of this file secret.
Damien Miller167ea5d2005-05-26 12:04:02 +1000405.It Pa ~/.ssh/id_dsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000406Contains the protocol version 2 DSA authentication identity of the user.
Damien Millere247cc42000-05-07 12:03:14 +1000407This file should not be readable by anyone but the user.
408It is possible to
409specify a passphrase when generating the key; that passphrase will be
410used to encrypt the private part of this file using 3DES.
411This file is not automatically accessed by
412.Nm
413but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000414.Xr ssh 1
Damien Millere247cc42000-05-07 12:03:14 +1000415will read this file when a login attempt is made.
Damien Miller167ea5d2005-05-26 12:04:02 +1000416.It Pa ~/.ssh/id_dsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000417Contains the protocol version 2 DSA public key for authentication.
418The contents of this file should be added to
Damien Miller167ea5d2005-05-26 12:04:02 +1000419.Pa ~/.ssh/authorized_keys
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000420on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000421where the user wishes to log in using public key authentication.
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000422There is no need to keep the contents of this file secret.
Damien Miller167ea5d2005-05-26 12:04:02 +1000423.It Pa ~/.ssh/id_rsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000424Contains the protocol version 2 RSA authentication identity of the user.
425This file should not be readable by anyone but the user.
426It is possible to
427specify a passphrase when generating the key; that passphrase will be
428used to encrypt the private part of this file using 3DES.
429This file is not automatically accessed by
430.Nm
431but it is offered as the default file for the private key.
Ben Lindstrombda98b02001-07-04 03:35:24 +0000432.Xr ssh 1
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000433will read this file when a login attempt is made.
Damien Miller167ea5d2005-05-26 12:04:02 +1000434.It Pa ~/.ssh/id_rsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000435Contains the protocol version 2 RSA public key for authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000436The contents of this file should be added to
Damien Miller167ea5d2005-05-26 12:04:02 +1000437.Pa ~/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +1000438on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +0000439where the user wishes to log in using public key authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000440There is no need to keep the contents of this file secret.
Darren Tucker019cefe2003-08-02 22:40:07 +1000441.It Pa /etc/moduli
442Contains Diffie-Hellman groups used for DH-GEX.
443The file format is described in
444.Xr moduli 5 .
Damien Miller37023962000-07-11 17:31:38 +1000445.El
Damien Miller32aa1441999-10-29 09:15:49 +1000446.Sh SEE ALSO
447.Xr ssh 1 ,
448.Xr ssh-add 1 ,
Damien Miller2e8b1c81999-11-15 23:33:56 +1100449.Xr ssh-agent 1 ,
Darren Tucker019cefe2003-08-02 22:40:07 +1000450.Xr moduli 5 ,
Ben Lindstrom77788dc2001-02-10 23:10:33 +0000451.Xr sshd 8
Ben Lindstrom5a707822001-04-22 17:15:46 +0000452.Rs
Damien Millerc0367fb2007-01-05 16:25:46 +1100453.%R RFC 4716
454.%T "The Secure Shell (SSH) Public Key File Format"
455.%D 2006
Ben Lindstrom5a707822001-04-22 17:15:46 +0000456.Re
Damien Millerf1ce5052003-06-11 22:04:39 +1000457.Sh AUTHORS
458OpenSSH is a derivative of the original and free
459ssh 1.2.12 release by Tatu Ylonen.
460Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
461Theo de Raadt and Dug Song
462removed many bugs, re-added newer features and
463created OpenSSH.
464Markus Friedl contributed the support for SSH
465protocol versions 1.5 and 2.0.