SSH-KEYGEN(1)               OpenBSD Reference Manual               SSH-KEYGEN(1)

NAME
     ssh-keygen - authentication key generation, management and conversion

SYNOPSIS
     ssh-keygen [-q] [-b bits] [-t type] [-N new_passphrase] [-C comment]
                [-f output_keyfile]
     ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
     ssh-keygen -i [-m key_format] [-f input_keyfile]
     ssh-keygen -e [-m key_format] [-f input_keyfile]
     ssh-keygen -y [-f input_keyfile]
     ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
     ssh-keygen -l [-f input_keyfile]
     ssh-keygen -B [-f input_keyfile]
     ssh-keygen -D pkcs11
     ssh-keygen -F hostname [-f known_hosts_file] [-l]
     ssh-keygen -H [-f known_hosts_file]
     ssh-keygen -R hostname [-f known_hosts_file]
     ssh-keygen -r hostname [-f input_keyfile] [-g]
     ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
     ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
                [-j start_line] [-K checkpt] [-W generator]
     ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
                [-O option] [-V validity_interval] [-z serial_number] file ...
     ssh-keygen -L [-f input_keyfile]
     ssh-keygen -A
     ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
                file ...
     ssh-keygen -Q -f krl_file file ...

DESCRIPTION
     ssh-keygen generates, manages and converts authentication keys for
     ssh(1).  ssh-keygen can create RSA keys for use by SSH protocol version 1
     and DSA, ECDSA, ED25519 or RSA keys for use by SSH protocol version 2.
     The type of key to be generated is specified with the -t option.
     If invoked without any arguments, ssh-keygen will generate an RSA key for
     use in SSH protocol 2 connections.

     ssh-keygen is also used to generate groups for use in Diffie-Hellman
     group exchange (DH-GEX).  See the MODULI GENERATION section for details.

     Finally, ssh-keygen can be used to generate and update Key Revocation
     Lists, and to test whether given keys have been revoked by one.  See the
     KEY REVOCATION LISTS section for details.

     Normally each user wishing to use SSH with public key authentication runs
     this once to create the authentication key in ~/.ssh/identity,
     ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or ~/.ssh/id_rsa.
     Additionally, the system administrator may use this to generate host
     keys, as seen in /etc/rc.

     Normally this program generates the key and asks for a file in which to
     store the private key.  The public key is stored in a file with the same
     name but ``.pub'' appended.  The program also asks for a passphrase.  The
     passphrase may be empty to indicate no passphrase (host keys must have an
     empty passphrase), or it may be a string of arbitrary length.  A
     passphrase is similar to a password, except it can be a phrase with a
     series of words, punctuation, numbers, whitespace, or any string of
     characters you want.  Good passphrases are 10-30 characters long, are not
     simple sentences or otherwise easily guessable (English prose has only
     1-2 bits of entropy per character, and provides very bad passphrases),
     and contain a mix of upper and lowercase letters, numbers, and non-
     alphanumeric characters.  The passphrase can be changed later by using
     the -p option.
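     A passphrase only protects a private key that is actually stored
     encrypted with it, and for new-format files (ed25519 keys, or any key
     saved with -o; see the options below) the strength of that protection
     also depends on the KDF round count set with -a.  The following is an
     added example, not code from this manual page or from OpenSSH: it reads
     the header of a new-format private key file and reports its cipher, KDF
     and round count without needing the passphrase.  The header layout
     (magic string, cipher name, KDF name, KDF options carrying the bcrypt
     salt and rounds, key count, public key, private section) is taken from
     OpenSSH's PROTOCOL.key document, and the two files the script inspects
     are constructed inside it with random filler in place of key material.

```python
import base64
import os
import struct

# Layout of a new-format file, from OpenSSH's PROTOCOL.key (assumed here, not from the
# man page): "openssh-key-v1\0", string cipher, string kdf, string kdfoptions,
# uint32 nkeys, string pubkey, string private-section.
# For kdf == "bcrypt", kdfoptions holds: string salt, uint32 rounds.
MAGIC = b"openssh-key-v1\x00"
PEM_HEAD = "-----BEGIN OPENSSH PRIVATE KEY-----"
PEM_TAIL = "-----END OPENSSH PRIVATE KEY-----"


def ssh_string(data):
    """Encode bytes as an SSH 'string': 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def read_string(buf, off):
    """Decode an SSH 'string' at offset off; return (value, next offset)."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated string")
    return buf[off:off + n], off + n


def build_key_file(cipher, kdf, rounds):
    """Constructed sample key file: a real header, random filler for the key material.

    Only the header is meaningful, so the file cannot be used for authentication.
    """
    kdfoptions = b""
    if kdf == "bcrypt":
        kdfoptions = ssh_string(os.urandom(16)) + struct.pack(">I", rounds)
    body = (MAGIC
            + ssh_string(cipher.encode()) + ssh_string(kdf.encode())
            + ssh_string(kdfoptions) + struct.pack(">I", 1)
            + ssh_string(os.urandom(51))     # stands in for the public key blob
            + ssh_string(os.urandom(160)))   # stands in for the (encrypted) private section
    b64 = base64.b64encode(body).decode()
    lines = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    return "\n".join([PEM_HEAD, *lines, PEM_TAIL, ""])


def inspect_key_file(text):
    """Report how a new-format private key is protected, reading only its header."""
    lines = [ln.strip() for ln in text.splitlines()]
    if PEM_HEAD not in lines or PEM_TAIL not in lines:
        raise ValueError("not a new-format OpenSSH private key")
    b64 = "".join(lines[lines.index(PEM_HEAD) + 1:lines.index(PEM_TAIL)])
    blob = base64.b64decode(b64)
    if not blob.startswith(MAGIC):
        raise ValueError("bad magic")
    off = len(MAGIC)
    cipher, off = read_string(blob, off)
    kdf, off = read_string(blob, off)
    kdfoptions, off = read_string(blob, off)
    (nkeys,) = struct.unpack(">I", blob[off:off + 4])
    info = {"cipher": cipher.decode(), "kdf": kdf.decode(), "keys": nkeys,
            "encrypted": cipher != b"none", "rounds": None}
    if kdf == b"bcrypt":
        _salt, o = read_string(kdfoptions, 0)
        (info["rounds"],) = struct.unpack(">I", kdfoptions[o:o + 4])
    return info


if __name__ == "__main__":
    for cipher, kdf, rounds in (("aes256-cbc", "bcrypt", 100), ("none", "none", 0)):
        print(inspect_key_file(build_key_file(cipher, kdf, rounds)))
```

     With a real key, pass the contents of the private key file to
     inspect_key_file(); a cipher of ``none'' means the key is stored
     unencrypted, and a small round count means a stolen file can be
     brute-forced faster than one saved with a higher -a value.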

     There is no way to recover a lost passphrase.  If the passphrase is lost
     or forgotten, a new key must be generated and the corresponding public
     key copied to other machines.

     For RSA1 keys, there is also a comment field in the key file that is only
     for convenience to the user to help identify the key.  The comment can
     tell what the key is for, or whatever is useful.  The comment is
     initialized to ``user@host'' when the key is created, but can be changed
     using the -c option.

     After a key is generated, instructions below detail where the keys should
     be placed to be activated.

     The options are as follows:

     -A      For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for
             which host keys do not exist, generate the host keys with the
             default key file path, an empty passphrase, default bits for the
             key type, and default comment.  This is used by /etc/rc to
             generate new host keys.

     -a rounds
             When saving a new-format private key (i.e. an ed25519 key or any
             SSH protocol 2 key when the -o flag is set), this option
             specifies the number of KDF (key derivation function) rounds
             used.  Higher numbers result in slower passphrase verification
             and increased resistance to brute-force password cracking (should
             the keys be stolen).

             When screening DH-GEX candidates (using the -T command), this
             option specifies the number of primality tests to perform.

     -B      Show the bubblebabble digest of specified private or public key
             file.

     -b bits
             Specifies the number of bits in the key to create.
             For RSA keys, the minimum size is 768 bits and the default is
             2048 bits.  Generally, 2048 bits is considered sufficient.  DSA
             keys must be exactly 1024 bits as specified by FIPS 186-2.  For
             ECDSA keys, the -b flag determines the key length by selecting
             from one of three elliptic curve sizes: 256, 384 or 521 bits.
             Attempting to use bit lengths other than these three values for
             ECDSA keys will fail.  ED25519 keys have a fixed length and the
             -b flag will be ignored.

     -C comment
             Provides a new comment.

     -c      Requests changing the comment in the private and public key
             files.  This operation is only supported for RSA1 keys.  The
             program will prompt for the file containing the private keys, for
             the passphrase if the key has one, and for the new comment.

     -D pkcs11
             Download the RSA public keys provided by the PKCS#11 shared
             library pkcs11.  When used in combination with -s, this option
             indicates that a CA key resides in a PKCS#11 token (see the
             CERTIFICATES section for details).

     -e      This option will read a private or public OpenSSH key file and
             print to stdout the key in one of the formats specified by the -m
             option.  The default export format is ``RFC4716''.  This option
             allows exporting OpenSSH keys for use by other programs,
             including several commercial SSH implementations.

     -F hostname
             Search for the specified hostname in a known_hosts file, listing
             any occurrences found.
             This option is useful to find hashed host names or addresses and
             may also be used in conjunction with the -H option to print found
             keys in a hashed format.

     -f filename
             Specifies the filename of the key file.

     -G output_file
             Generate candidate primes for DH-GEX.  These primes must be
             screened for safety (using the -T option) before use.

     -g      Use generic DNS format when printing fingerprint resource records
             using the -r command.

     -H      Hash a known_hosts file.  This replaces all hostnames and
             addresses with hashed representations within the specified file;
             the original content is moved to a file with a .old suffix.
             These hashes may be used normally by ssh and sshd, but they do
             not reveal identifying information should the file's contents be
             disclosed.  Note that a guessed name can still be confirmed
             against a hashed entry by recomputing its hash, so hashing hides
             names from a reader of the file but does not make them
             unguessable.  This option will not modify existing hashed
             hostnames and is therefore safe to use on files that mix hashed
             and non-hashed names.

     -h      When signing a key, create a host certificate instead of a user
             certificate.  Please see the CERTIFICATES section for details.

     -I certificate_identity
             Specify the key identity when signing a public key.  Please see
             the CERTIFICATES section for details.

     -i      This option will read an unencrypted private (or public) key file
             in the format specified by the -m option and print an OpenSSH
             compatible private (or public) key to stdout.  This option allows
             importing keys from other software, including several commercial
             SSH implementations.  The default import format is ``RFC4716''.

     -J num_lines
             Exit after screening the specified number of lines while
             performing DH candidate screening using the -T option.

     -j start_line
             Start screening at the specified line number while performing DH
             candidate screening using the -T option.

     -K checkpt
             Write the last line processed to the file checkpt while
             performing DH candidate screening using the -T option.  This will
             be used to skip lines in the input file that have already been
             processed if the job is restarted.

     -k      Generate a KRL file.  In this mode, ssh-keygen will generate a
             KRL file at the location specified via the -f flag that revokes
             every key or certificate presented on the command line.
             Keys/certificates to be revoked may be specified by public key
             file or using the format described in the KEY REVOCATION LISTS
             section.

     -L      Prints the contents of a certificate.

     -l      Show fingerprint of specified public key file.  Private RSA1 keys
             are also supported.  For RSA and DSA keys ssh-keygen tries to
             find the matching public key file and prints its fingerprint.  If
             combined with -v, an ASCII art representation of the key is
             supplied with the fingerprint.

     -M memory
             Specify the amount of memory to use (in megabytes) when
             generating candidate moduli for DH-GEX.

     -m key_format
             Specify a key format for the -i (import) or -e (export)
             conversion options.
             The supported key formats are: ``RFC4716'' (RFC 4716/SSH2 public
             or private key), ``PKCS8'' (PEM PKCS8 public key) or ``PEM'' (PEM
             public key).  The default conversion format is ``RFC4716''.

     -N new_passphrase
             Provides the new passphrase.

     -n principals
             Specify one or more principals (user or host names) to be
             included in a certificate when signing a key.  Multiple
             principals may be specified, separated by commas.  Please see the
             CERTIFICATES section for details.

     -O option
             Specify a certificate option when signing a key.  This option may
             be specified multiple times.  Please see the CERTIFICATES section
             for details.  The options that are valid for user certificates
             are:

             clear   Clear all enabled permissions.  This is useful for
                     clearing the default set of permissions so permissions
                     may be added individually.

             force-command=command
                     Forces the execution of command instead of any shell or
                     command specified by the user when the certificate is
                     used for authentication.

             no-agent-forwarding
                     Disable ssh-agent(1) forwarding (permitted by default).

             no-port-forwarding
                     Disable port forwarding (permitted by default).

             no-pty  Disable PTY allocation (permitted by default).

             no-user-rc
                     Disable execution of ~/.ssh/rc by sshd(8) (permitted by
                     default).

             no-x11-forwarding
                     Disable X11 forwarding (permitted by default).

             permit-agent-forwarding
                     Allows ssh-agent(1) forwarding.

             permit-port-forwarding
                     Allows port forwarding.

             permit-pty
                     Allows PTY allocation.

             permit-user-rc
                     Allows execution of ~/.ssh/rc by sshd(8).

             permit-x11-forwarding
                     Allows X11 forwarding.

             source-address=address_list
                     Restrict the source addresses from which the certificate
                     is considered valid.  The address_list is a comma-
                     separated list of one or more address/netmask pairs in
                     CIDR format.

             At present, no options are valid for host keys.

     -o      Causes ssh-keygen to save SSH protocol 2 private keys using the
             new OpenSSH format rather than the more compatible PEM format.
             The new format has increased resistance to brute-force password
             cracking but is not supported by versions of OpenSSH prior to
             6.5.  Ed25519 keys always use the new private key format.

     -P passphrase
             Provides the (old) passphrase.

     -p      Requests changing the passphrase of a private key file instead of
             creating a new private key.  The program will prompt for the file
             containing the private key, for the old passphrase, and twice for
             the new passphrase.

     -Q      Test whether keys have been revoked in a KRL.

     -q      Silence ssh-keygen.

     -R hostname
             Removes all keys belonging to hostname from a known_hosts file.
             This option is useful to delete hashed hosts (see the -H option
             above).

     -r hostname
             Print the SSHFP fingerprint resource record named hostname for
             the specified public key file.

     -S start
             Specify start point (in hex) when generating candidate moduli for
             DH-GEX.

     -s ca_key
             Certify (sign) a public key using the specified CA key.  Please
             see the CERTIFICATES section for details.

             When generating a KRL, -s specifies a path to a CA public key
             file used to revoke certificates directly by key ID or serial
             number.  See the KEY REVOCATION LISTS section for details.

     -T output_file
             Test DH group exchange candidate primes (generated using the -G
             option) for safety.

     -t type
             Specifies the type of key to create.  The possible values are
             ``rsa1'' for protocol version 1 and ``dsa'', ``ecdsa'',
             ``ed25519'', or ``rsa'' for protocol version 2.

     -u      Update a KRL.  When specified with -k, keys listed via the
             command line are added to the existing KRL rather than a new KRL
             being created.

     -V validity_interval
             Specify a validity interval when signing a certificate.  A
             validity interval may consist of a single time, indicating that
             the certificate is valid beginning now and expiring at that time,
             or may consist of two times separated by a colon to indicate an
             explicit time interval.  The start time may be specified as a
             date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a
             relative time (to the current time) consisting of a minus sign
             followed by a relative time in the format described in the TIME
             FORMATS section of sshd_config(5).
             The end time may be specified as a YYYYMMDD date, a
             YYYYMMDDHHMMSS time or a relative time starting with a plus
             character.

             For example: ``+52w1d'' (valid from now to 52 weeks and one day
             from now), ``-4w:+4w'' (valid from four weeks ago to four weeks
             from now), ``20100101123000:20110101123000'' (valid from 12:30
             PM, January 1st, 2010 to 12:30 PM, January 1st, 2011),
             ``-1d:20110101'' (valid from yesterday to midnight, January 1st,
             2011).

     -v      Verbose mode.  Causes ssh-keygen to print debugging messages
             about its progress.  This is helpful for debugging moduli
             generation.  Multiple -v options increase the verbosity.  The
             maximum is 3.

     -W generator
             Specify desired generator when testing candidate moduli for DH-
             GEX.

     -y      This option will read a private OpenSSH format file and print an
             OpenSSH public key to stdout.

     -z serial_number
             Specifies a serial number to be embedded in the certificate to
             distinguish this certificate from others from the same CA.  The
             default serial number is zero.  Note that a certificate whose
             serial number is zero cannot be revoked by serial number in a
             KRL; it must be revoked by key ID instead (see the KEY REVOCATION
             LISTS section).

             When generating a KRL, the -z flag is used to specify a KRL
             version number.

MODULI GENERATION
     ssh-keygen may be used to generate groups for the Diffie-Hellman Group
     Exchange (DH-GEX) protocol.  Generating these groups is a two-step
     process: first, candidate primes are generated using a fast, but memory
     intensive process.  These candidate primes are then tested for
     suitability (a CPU-intensive process).

     Generation of primes is performed using the -G option.
     The desired length of the primes may be specified by the -b option.  For
     example:

           # ssh-keygen -G moduli-2048.candidates -b 2048

     By default, the search for primes begins at a random point in the desired
     length range.  This may be overridden using the -S option, which
     specifies a different start point (in hex).

     Once a set of candidates has been generated, they must be screened for
     suitability.  This may be performed using the -T option.  In this mode
     ssh-keygen will read candidates from standard input (or a file specified
     using the -f option).  For example:

           # ssh-keygen -T moduli-2048 -f moduli-2048.candidates

     By default, each candidate will be subjected to 100 primality tests.
     This may be overridden using the -a option.  The DH generator value will
     be chosen automatically for the prime under consideration.  If a specific
     generator is desired, it may be requested using the -W option.  Valid
     generator values are 2, 3, and 5.

     Screened DH groups may be installed in /etc/moduli.  It is important that
     this file contains moduli of a range of bit lengths and that both ends of
     a connection share common moduli.

CERTIFICATES
     ssh-keygen supports signing of keys to produce certificates that may be
     used for user or host authentication.  Certificates consist of a public
     key, some identity information, zero or more principal (user or host)
     names and a set of options that are signed by a Certification Authority
     (CA) key.  Clients or servers may then trust only the CA key and verify
     its signature on a certificate rather than trusting many user/host keys.
     Note that OpenSSH certificates are a different, and much simpler, format
     from the X.509 certificates used in ssl(8).

     ssh-keygen supports two types of certificates: user and host.  User
     certificates authenticate users to servers, whereas host certificates
     authenticate server hosts to users.  To generate a user certificate:

           $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub

     The resultant certificate will be placed in /path/to/user_key-cert.pub.
     A host certificate requires the -h option:

           $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub

     The host certificate will be output to /path/to/host_key-cert.pub.

     It is possible to sign using a CA key stored in a PKCS#11 token by
     providing the token library using -D and identifying the CA key by
     providing its public half as an argument to -s:

           $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub

     In all cases, key_id is a "key identifier" that is logged by the server
     when the certificate is used for authentication.

     Certificates may be limited to be valid for a set of principal
     (user/host) names.  By default, generated certificates are valid for all
     users or hosts.  Such a certificate is accepted for any account (or host
     name) that trusts the CA, so principals should normally be restricted.
     To generate a certificate for a specified set of principals:

           $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub
           $ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub

     Additional limitations on the validity and use of user certificates may
     be specified through certificate options.
     A certificate option may disable features of the SSH session, may be
     valid only when presented from particular source addresses or may force
     the use of a specific command.  For a list of valid certificate options,
     see the documentation for the -O option above.

     Finally, certificates may be defined with a validity lifetime.  The -V
     option allows specification of certificate start and end times.  A
     certificate that is presented at a time outside this range will not be
     considered valid.  By default, certificates are valid from UNIX Epoch to
     the distant future.  A certificate signed without -V therefore never
     expires on its own and can only be withdrawn by revoking it (see the KEY
     REVOCATION LISTS section) or by removing trust in the CA.

     For certificates to be used for user or host authentication, the CA
     public key must be trusted by sshd(8) or ssh(1).  Please refer to those
     manual pages for details.

KEY REVOCATION LISTS
     ssh-keygen is able to manage OpenSSH format Key Revocation Lists (KRLs).
     These binary files specify keys or certificates to be revoked using a
     compact format, taking as little as one bit per certificate if they are
     being revoked by serial number.

     KRLs may be generated using the -k flag.  This option reads one or more
     files from the command line and generates a new KRL.  The files may
     either contain a KRL specification (see below) or public keys, listed one
     per line.  Plain public keys are revoked by listing their hash or
     contents in the KRL and certificates revoked by serial number or key ID
     (if the serial is zero or not available).
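     To revoke a certificate by serial number or key ID, those fields have to
     be read out of the -cert.pub file, and to judge a certificate's lifetime
     its validity window has to be decoded.  The following is an added
     example, not code from this manual page or from OpenSSH.  It decodes the
     public half of an OpenSSH certificate using the field order given in
     OpenSSH's PROTOCOL.certkeys (nonce, key, serial, type, key ID,
     principals, valid-after, valid-before, critical options, extensions,
     reserved, CA key, signature), applies the validity check the way sshd(8)
     does (valid_after <= now < valid_before), and emits the serial: or id:
     directive of the KRL specification described below.  The certificate it
     reads is constructed inside the script with placeholder key and
     signature bytes, so the CA signature is not verified; for a real file,
     pass a line of user_key-cert.pub to parse_cert().

```python
import base64
import struct
import time

# Field order of an OpenSSH certificate, from OpenSSH's PROTOCOL.certkeys (assumed here):
# string type, string nonce, string pk, uint64 serial, uint32 type, string key id,
# string principals, uint64 valid_after, uint64 valid_before, string critical options,
# string extensions, string reserved, string signature key, string signature.
CERT_TYPE = "ssh-ed25519-cert-v01@openssh.com"
USER_CERT, HOST_CERT = 1, 2


def s(data):
    """SSH 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def rd(buf, off):
    """Decode an SSH 'string' at off; return (value, next offset)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    if off + 4 + n > len(buf):
        raise ValueError("truncated certificate")
    return buf[off + 4:off + 4 + n], off + 4 + n


def packed_strings(buf):
    """A string holding a sequence of strings (the principals list)."""
    out, off = [], 0
    while off < len(buf):
        item, off = rd(buf, off)
        out.append(item.decode())
    return out


def packed_pairs(buf):
    """Name/data pairs (critical options, extensions); data wraps the value as a string."""
    out, off = {}, 0
    while off < len(buf):
        name, off = rd(buf, off)
        data, off = rd(buf, off)
        out[name.decode()] = rd(data, 0)[0].decode() if data else ""
    return out


def build_cert(serial, key_id, principals, valid_after, valid_before, options):
    """Constructed sample certificate with placeholder key, nonce, CA key and signature."""
    crit = b"".join(s(k.encode()) + s(s(v.encode())) for k, v in options.items())
    exts = b"".join(s(k.encode()) + s(b"") for k in ("permit-pty", "permit-user-rc"))
    body = (s(CERT_TYPE.encode()) + s(b"\x11" * 32) + s(b"\x22" * 32)
            + struct.pack(">QI", serial, USER_CERT) + s(key_id.encode())
            + s(b"".join(s(p.encode()) for p in principals))
            + struct.pack(">QQ", valid_after, valid_before)
            + s(crit) + s(exts) + s(b"")
            + s(s(b"ssh-ed25519") + s(b"\x33" * 32))    # CA public key placeholder
            + s(s(b"ssh-ed25519") + s(b"\x44" * 64)))   # signature placeholder (never checked)
    return "%s %s user@host" % (CERT_TYPE, base64.b64encode(body).decode())


def parse_cert(line):
    """Decode the fields of a *-cert.pub line; the CA signature is not verified here."""
    blob = base64.b64decode(line.split()[1])
    ktype, off = rd(blob, 0)
    if ktype.decode() != CERT_TYPE:
        raise ValueError("unsupported certificate type %r" % ktype)
    _nonce, off = rd(blob, off)
    _pk, off = rd(blob, off)
    serial, ctype = struct.unpack(">QI", blob[off:off + 12])
    off += 12
    key_id, off = rd(blob, off)
    principals, off = rd(blob, off)
    valid_after, valid_before = struct.unpack(">QQ", blob[off:off + 16])
    off += 16
    crit, off = rd(blob, off)
    exts, off = rd(blob, off)
    return {"serial": serial, "type": "user" if ctype == USER_CERT else "host",
            "key_id": key_id.decode(), "principals": packed_strings(principals),
            "valid_after": valid_after, "valid_before": valid_before,
            "critical_options": packed_pairs(crit), "extensions": packed_pairs(exts)}


def is_valid_at(cert, now):
    """Accepted when valid_after <= now < valid_before (0 and 2^64-1 are the -V defaults)."""
    return cert["valid_after"] <= now < cert["valid_before"]


def krl_spec(cert):
    """KRL specification line: by serial when it is set, else by key ID (both need -s ca.pub)."""
    if cert["serial"] != 0:
        return "serial: %d\n" % cert["serial"]
    return "id: %s\n" % cert["key_id"]


if __name__ == "__main__":
    now = int(time.time())
    line = build_cert(42, "alice-laptop", ["alice", "deploy"], now - 3600, now + 3600,
                      {"force-command": "/usr/bin/rrsync /srv/backup",
                       "source-address": "10.0.0.0/8"})
    cert = parse_cert(line)
    print(cert["key_id"], cert["principals"], "valid now:", is_valid_at(cert, now))
    print(krl_spec(cert), end="")
```

     The serial: and id: lines produced by krl_spec() are exactly what -k
     expects in a KRL specification file, together with -s pointing at the
     CA public key; the ssh-keygen -L option prints the same fields for a
     real certificate.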

     Revoking keys using a KRL specification offers explicit control over the
     types of record used to revoke keys and may be used to directly revoke
     certificates by serial number or key ID without having the complete
     original certificate on hand.  A KRL specification consists of lines
     containing one of the following directives followed by a colon and some
     directive-specific information.

     serial: serial_number[-serial_number]
             Revokes a certificate with the specified serial number.  Serial
             numbers are 64-bit values, not including zero and may be
             expressed in decimal, hex or octal.  If two serial numbers are
             specified separated by a hyphen, then the range of serial numbers
             including and between each is revoked.  The CA key must have been
             specified on the ssh-keygen command line using the -s option.

     id: key_id
             Revokes a certificate with the specified key ID string.  The CA
             key must have been specified on the ssh-keygen command line using
             the -s option.

     key: public_key
             Revokes the specified key.  If a certificate is listed, then it
             is revoked as a plain public key.

     sha1: public_key
             Revokes the specified key by its SHA1 hash.

     KRLs may be updated using the -u flag in addition to -k.  When this
     option is specified, keys listed via the command line are merged into the
     KRL, adding to those already there.

     It is also possible, given a KRL, to test whether it revokes a particular
     key (or keys).  The -Q flag will query an existing KRL, testing each key
     specified on the command line.
     If any key listed on the command line has been revoked (or an error
     encountered) then ssh-keygen will exit with a non-zero exit status.  A
     zero exit status will only be returned if no key was revoked.  Because
     errors also produce a non-zero status, scripts should not treat that
     status as confirmation of revocation without examining the error output.

FILES
     ~/.ssh/identity
             Contains the protocol version 1 RSA authentication identity of
             the user.  This file should not be readable by anyone but the
             user.  It is possible to specify a passphrase when generating the
             key; that passphrase will be used to encrypt the private part of
             this file using 3DES.  This file is not automatically accessed by
             ssh-keygen but it is offered as the default file for the private
             key.  ssh(1) will read this file when a login attempt is made.

     ~/.ssh/identity.pub
             Contains the protocol version 1 RSA public key for
             authentication.  The contents of this file should be added to
             ~/.ssh/authorized_keys on all machines where the user wishes to
             log in using RSA authentication.  There is no need to keep the
             contents of this file secret.

     ~/.ssh/id_dsa
     ~/.ssh/id_ecdsa
     ~/.ssh/id_ed25519
     ~/.ssh/id_rsa
             Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA
             authentication identity of the user.  This file should not be
             readable by anyone but the user.  It is possible to specify a
             passphrase when generating the key; that passphrase will be used
             to encrypt the private part of this file using 128-bit AES (for
             the PEM format; keys saved in the new format selected by -o,
             including all ed25519 keys, are protected by that format's own
             cipher and KDF instead).  This file is not automatically accessed
             by ssh-keygen but it is offered as the default file for the
             private key.  ssh(1) will read this file when a login attempt is
             made.

     ~/.ssh/id_dsa.pub
     ~/.ssh/id_ecdsa.pub
     ~/.ssh/id_ed25519.pub
     ~/.ssh/id_rsa.pub
             Contains the protocol version 2 DSA, ECDSA, ED25519 or RSA public
             key for authentication.  The contents of this file should be
             added to ~/.ssh/authorized_keys on all machines where the user
             wishes to log in using public key authentication.  There is no
             need to keep the contents of this file secret.

     /etc/moduli
             Contains Diffie-Hellman groups used for DH-GEX.  The file format
             is described in moduli(5).

SEE ALSO
     ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)

     The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006.

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and
     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.

OpenBSD 5.5                    February 5, 2014                    OpenBSD 5.5
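     The hashed host names written by -H and searched by -F (see the options
     above) can be checked against a guessed name but not read back.  The
     following added example, not code from this manual page or from OpenSSH,
     implements that format as OpenSSH's hostfile.c defines it: a hashed host
     field is |1|, the base64 salt, |, the base64 HMAC-SHA1 of the host name
     keyed with that salt, and a closing |, followed by the key as usual.  The
     three-line known_hosts file it operates on is constructed for the example
     and its key blobs are placeholders.

```python
import base64
import hashlib
import hmac
import os

# Hashed entry layout (from OpenSSH's hostfile.c, assumed here): "|1|" + base64(salt)
# + "|" + base64(HMAC-SHA1(key=salt, msg=hostname)) + "|", then the key as usual.
HASH_MAGIC = "|1|"
SALT_LEN = 20

# Constructed sample known_hosts; the key blobs are placeholders, not real keys.
SAMPLE_KNOWN_HOSTS = (
    "# constructed sample\n"
    "bastion.example.com,192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDER1\n"
    "@revoked legacy.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQPLACEHOLDER2\n"
)


def hash_hostname(hostname, salt=None):
    """The |1|salt|hmac| host field that -H writes for one name."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "%s%s|%s|" % (HASH_MAGIC, base64.b64encode(salt).decode(),
                         base64.b64encode(mac).decode())


def host_matches(field, hostname):
    """Match a host field (hashed, or a plain comma-separated list) against hostname."""
    if not field.startswith(HASH_MAGIC):
        return hostname in field.split(",")
    try:
        salt_b64, mac_b64 = field[len(HASH_MAGIC):].rstrip("|").split("|")
        salt, mac = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
    except ValueError:
        return False
    expect = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(expect, mac)


def hash_known_hosts(text):
    """What -H does: hash each unhashed name (one line per name); leave the rest alone."""
    out = []
    for line in text.splitlines():
        parts = line.split(None, 1)          # host field, then "keytype key [comment]"
        if not parts or line.startswith("#") or len(parts) < 2:
            out.append(line)
            continue
        marker = ""
        if parts[0].startswith("@"):         # @cert-authority / @revoked precede the host
            marker = parts[0] + " "
            parts = parts[1].split(None, 1)
            if len(parts) < 2:
                out.append(line)
                continue
        hosts, rest = parts
        if hosts.startswith(HASH_MAGIC):     # already hashed: -H leaves it untouched
            out.append(line)
            continue
        out.extend("%s%s %s" % (marker, hash_hostname(h), rest) for h in hosts.split(","))
    return "\n".join(out) + "\n"


def find_host(text, hostname):
    """What -F does: list the lines whose host field belongs to hostname."""
    found = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        host_field = fields[1] if fields[0].startswith("@") else fields[0]
        if host_matches(host_field, hostname):
            found.append(line)
    return found


if __name__ == "__main__":
    hashed = hash_known_hosts(SAMPLE_KNOWN_HOSTS)
    print(hashed)
    print(find_host(hashed, "bastion.example.com"))
```

     Because each name gets its own salt, the same host hashes differently on
     every machine and a comma-separated entry becomes one line per name,
     which is why -R is the practical way to remove a hashed host.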
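     The screening that -T performs (see MODULI GENERATION above) accepts a
     candidate p only if both p and (p-1)/2 pass the requested number of
     probabilistic primality tests, and then chooses a generator for it.  The
     following added example, not code from this manual page or from OpenSSH,
     runs that check with the Miller-Rabin test and the generator rule used in
     OpenSSH's moduli.c (2 if p mod 24 is 11, 3 if p mod 12 is 5, 5 if p mod
     10 is 3 or 7), and reads candidate lines in the moduli(5) field order.
     The candidates are constructed and deliberately tiny, chosen to show each
     outcome; they are useless as DH groups.

```python
import random

# Candidate-line field order from moduli(5) (assumed here): time type tests trials
# size generator modulus.  -G writes type 4 (Sophie Germain q, so p = 2q + 1);
# -T writes type 2 (the safe prime p itself).
TYPE_SAFE, TYPE_SOPHIE_GERMAIN = 2, 4
SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47)


def is_probable_prime(n, rounds=100):
    """Miller-Rabin with `rounds` random witnesses (the count that -a sets for -T)."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:            # cheap trial division first, as a sieve would
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False              # a witness to compositeness was found
    return True


def choose_generator(p):
    """Generator picked when -W is absent (rule from OpenSSH's moduli.c, assumed here)."""
    if p % 24 == 11:
        return 2
    if p % 12 == 5:
        return 3
    if p % 10 in (3, 7):
        return 5
    return None


def screen(p, rounds=100):
    """Screen one safe-prime candidate p; return (accepted, reason, generator)."""
    if p % 2 == 0:
        return False, "even", None
    q = (p - 1) // 2
    if not is_probable_prime(q, rounds):
        return False, "(p-1)/2 is composite", None
    if not is_probable_prime(p, rounds):
        return False, "p is composite", None
    g = choose_generator(p)
    if g is None:
        return False, "no generator among 2, 3, 5", None
    return True, "safe prime", g


def screen_line(line, rounds=100):
    """Screen one moduli(5)-format candidate line (7 whitespace-separated fields)."""
    fields = line.split()
    if len(fields) != 7:
        raise ValueError("expected 7 fields, got %d" % len(fields))
    mtype, modulus = int(fields[1]), int(fields[6], 16)
    if mtype == TYPE_SOPHIE_GERMAIN:
        p = 2 * modulus + 1
    elif mtype == TYPE_SAFE:
        p = modulus
    else:
        raise ValueError("unsupported modulus type %d" % mtype)
    return screen(p, rounds)


if __name__ == "__main__":
    # Constructed, deliberately tiny candidates: 1019 and 23 are safe primes, 1021 is
    # prime but not safe, 2039 is safe but has no generator in {2, 3, 5}, 8159 = 41 * 199.
    for p in (1019, 23, 1021, 2039, 8159):
        print(p, screen(p))
    print(screen_line("20140205000000 4 0 0 9 0 1FD"))   # type 4: q = 0x1FD = 509
```

     A real /etc/moduli line carries a 1024-bit or larger modulus; the same
     screen() applies, only slower, and a line that fails it should never be
     installed, since both peers must agree on the group it describes.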