.TH dropbearkey 1
.SH NAME
dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1)
.SH SYNOPSIS
.B dropbearkey
\-t
.I type
\-f
.I file
[\-s
.IR bits ]
[\-y]
.SH DESCRIPTION
.B dropbearkey
generates a
\fIRSA\fR, \fIDSS\fR, \fIECDSA\fR, or \fIEd25519\fR
format SSH private key, and saves it to a file for the use with the
Dropbear client or server.
Note that 
some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing.
.SH OPTIONS
.TP
.B \-t \fItype
Type of key to generate.
Must be one of
.I rsa
.I ecdsa
.I ed25519
or
.IR dss .
.TP
.B \-f \fIfile
Write the secret key to the file
\fIfile\fR. For client authentication ~/.ssh/id_dropbear is loaded by default
.TP
.B \-s \fIbits
Set the key size to
.I bits
bits, should be multiple of 8 (optional). 
.TP
.B \-y
Just print the publickey and fingerprint for the private key in \fIfile\fR.
.SH NOTES
The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats.
.P
Dropbear does not support encrypted keys. 
.SH EXAMPLE
generate a host-key:
 # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

extract a public key suitable for authorized_keys from private key:
 # dropbearkey -y -f id_rsa | grep "^ssh-rsa " >> authorized_keys
.SH AUTHOR
Matt Johnston ([email protected]).
.br
Gerrit Pape ([email protected]) wrote this manual page.
.SH SEE ALSO
dropbear(8), dbclient(1), dropbearconvert(1)
.P
https://matt.ucc.asn.au/dropbear/dropbear.html