view dropbearkey.1 @ 1822:fa6ff07dcc77

signkey: remove !! from SHA1 digest (#130) Remove the "!!" chars from message when printing the key-fingerprint, as it's confusing users. They have been added when switching from MD5, but SHA1 can be considered as standard today. Signed-off-by: Sven Roederer <[email protected]>
author Sven Roederer <devel-sven@geroedel.de>
date Thu, 19 Aug 2021 17:39:31 +0200
parents 5c8913b7464c
children
line wrap: on
line source

.TH dropbearkey 1
.SH NAME
dropbearkey \- create private keys for the use with dropbear(8) or dbclient(1)
.SH SYNOPSIS
.B dropbearkey
\-t
.I type
\-f
.I file
[\-s
.IR bits ]
[\-y]
.SH DESCRIPTION
.B dropbearkey
generates a
\fIRSA\fR, \fIDSS\fR, \fIECDSA\fR, or \fIEd25519\fR
format SSH private key, and saves it to a file for the use with the
Dropbear client or server.
Note that 
some SSH implementations
use the term "DSA" rather than "DSS", they mean the same thing.
.SH OPTIONS
.TP
.B \-t \fItype
Type of key to generate.
Must be one of
.I rsa
.I ecdsa
.I ed25519
or
.IR dss .
.TP
.B \-f \fIfile
Write the secret key to the file
\fIfile\fR. For client authentication ~/.ssh/id_dropbear is loaded by default
.TP
.B \-s \fIbits
Set the key size to
.I bits
bits, should be multiple of 8 (optional). 
.TP
.B \-y
Just print the publickey and fingerprint for the private key in \fIfile\fR.
.SH NOTES
The program dropbearconvert(1) can be used to convert between Dropbear and OpenSSH key formats.
.P
Dropbear does not support encrypted keys. 
.SH EXAMPLE
generate a host-key:
 # dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key

extract a public key suitable for authorized_keys from private key:
 # dropbearkey -y -f id_rsa | grep "^ssh-rsa " >> authorized_keys
.SH AUTHOR
Matt Johnston ([email protected]).
.br
Gerrit Pape ([email protected]) wrote this manual page.
.SH SEE ALSO
dropbear(8), dbclient(1), dropbearconvert(1)
.P
https://matt.ucc.asn.au/dropbear/dropbear.html