The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.

NAME

pssh-keygen - Authentication key generation/management

SYNOPSIS

pssh-keygen [-q] [-b bits] [-t type] [-N new_passphrase] [-f output_keyfile]

pssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]

pssh-keygen -x [-f input_keyfile]

pssh-keygen -X [-f input_keyfile]

pssh-keygen -y [-f input_keyfile]

pssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]

pssh-keygen -l [-f input_keyfile]

pssh-keygen -B [-f input_keyfile]

DESCRIPTION

pssh-keygen generates and manages SSH authentication keys. pssh-keygen is part of the Net::SSH::Perl suite; it could be used as a replacement for ssh-keygen, but is provided more in the spirit of an example of the Net::SSH::Perl key management libraries.

pssh-keygen defaults to generating/managing an RSA key for use by protocols 1.3 and 1.5; specifying the -t option allows you to create/manage a key for use by the SSH2 protocol.

Without any options--in other words, in the first command example in the SYNOPSIS--pssh-keygen generates a new key, then prompts the user for a filename where that key will be saved. The user is also prompted for a passphrase to encrypt the private key file. These prompts can be overriden by providing the values as command line options.

With any of the other options--ie. any of the other command examples in the SYNOPSIS--an existing keyfile will be "managed" in some way: users can change the passphrases, convert to SSH2-format key files, display key fingerprints, etc.

OPTIONS

-b bits

Specifies the number of bits in the key to be generated. The minimum is 512 bits; 1024 bits is the default, and should be considered sufficient from a security standpoint.

-c

Requests changing the comment in the private and public key files. The program will prompt for the file containing the private keys, for passphrase if the key has one, and for the new comment. Each of these prompts can be overriden be the appropriate command line option.

-f file

Specifies the filename of the key file. Defaults to $ENV{HOME}/.ssh/identity for rsa1 key files, $ENV{HOME}/.ssh/id_rsa for rsa key files, and $ENV{HOME}/.ssh/id_dsa for dsa key files.

-l

Show fingerprint of specified key file.

-B

Show fingerprint of specified key file in Bubble Babble format.

-p

Requests changing the passphrase of a private key file instead of generating a new private key. The program will prompt for the file containing the private key, for the old passphrase, and twice for the new passphrase (each of these prompts can be overridden by command line options).

-q

Silence pssh-keygen.

-t type

Specifies the type of the key to create/manage. The possible values are 'rsa1' for protocol version 1, 'dsa' for protocol version 2 DSA files, and 'rsa' for protocol version 2 RSA files. The default is 'rsa1'.

-N new_passphrase

Provides the new passphrase.

-P passphrase

Provides the (old) passphrase.

-x

Reads a private OpenSSH DSA format file and outputs an SSH2-compatible public key to STDOUT.

-X

Reads an unencrypted SSH2-compatible private key file and prints an OpenSSH compatible private key to STDOUT.

-y

Reads a private OpenSSH format file and outputs an OpenSSH public key to STDOUT.

AUTHOR & COPYRIGHTS

Please see the Net::SSH::Perl manpage for author, copyright, and license information.