| .\" $NetBSD: plainrsa-gen.8,v 1.13 2006/09/19 18:54:39 wiz Exp $ |
| .\" |
| .\" Id: plainrsa-gen.8,v 1.4 2005/04/18 11:07:55 manubsd Exp |
| .\" |
| .\" Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany. |
| .\" Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs |
| .\" All rights reserved. |
| .\" |
| .\" Redistribution and use in source and binary forms, with or without |
| .\" modification, are permitted provided that the following conditions |
| .\" are met: |
| .\" 1. Redistributions of source code must retain the above copyright |
| .\" notice, this list of conditions and the following disclaimer. |
| .\" 2. Redistributions in binary form must reproduce the above copyright |
| .\" notice, this list of conditions and the following disclaimer in the |
| .\" documentation and/or other materials provided with the distribution. |
| .\" 3. Neither the name of the project nor the names of its contributors |
| .\" may be used to endorse or promote products derived from this software |
| .\" without specific prior written permission. |
| .\" |
| .\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
| .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| .\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
| .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| .\" SUCH DAMAGE. |
| .\" |
| .Dd June 14, 2004 |
| .Dt PLAINRSA-GEN 8 |
| .Os |
| .\" |
| .Sh NAME |
| .Nm plainrsa-gen |
| .Nd generator for Plain RSA keys |
| .\" |
| .Sh SYNOPSIS |
| .Nm plainrsa-gen |
| .Bk -words |
| .Op Fl b Ar bits |
| .Op Fl e Ar pubexp |
| .Op Fl f Ar outfile |
| .Op Fl h |
| .Ek |
| .\" |
| .Sh DESCRIPTION |
| .Nm |
| can be used to generate |
| .Li Plain RSA keys |
| for authentication purposes. |
| Using |
| .Li Plain RSA keys |
| is optional. |
| Other possibilities are |
| .Li Pre-shared keys |
| or |
| .Li X.509 certificates . |
| .\" |
| .Bl -tag -width Ds |
| .It Fl b Ar bits |
| bit length of the key. |
| Default is |
| .Li 1024 , |
| recommended length is |
| .Li 2048 |
| or even |
| .Li 4096 |
| bits. |
| Note that generating longer keys takes longer time. |
| .It Fl e Ar pubexp |
| value of RSA public exponent. |
| Default is |
| .Li 0x3 . |
| Don't change this unless you really know what you are doing! |
| .It Fl f Ar outfile |
| .Ar outfile |
| instead of |
| .Li stdout . |
| If the file already exists it won't be overwritten. |
| You wouldn't like to lose your private key by accident, would you? |
| .El |
| .\" |
| .Sh OUTPUT FILE FORMAT |
| This is the secret |
| .Li private key |
| that should |
| .Ic never |
| leave your computer: |
| .Bd -literal |
| : RSA { |
| # RSA 1024 bits |
| # pubkey=0sAQOrWlcwbAIdNSMhDt... |
| Modulus: 0xab5a57306c021d3523... |
| PublicExponent: 0x03 |
| PrivateExponent: 0x723c3a2048... |
| Prime1: 0xd309b30e6adf9d85c01... |
| Prime2: 0xcfdc2a8aa5b2b3c90e3... |
| Exponent1: 0x8cb122099c9513ae... |
| Exponent2: 0x8a92c7071921cd30... |
| Coefficient: 0x722751305eafe9... |
| } |
| .Ed |
| .Pp |
| The line |
| .Li pubkey=0sAQOrW... |
| of the |
| .Li private key |
| contains a |
| .Li public key |
| that should be stored in the other peer's configuration in this format: |
| .Bd -literal |
| : PUB 0sAQOrWlcwbAIdNSMhDt... |
| .Ed |
| .\" |
| .Pp |
| You can also specify |
| .Li from |
| and |
| .Li to |
| addresses for which the key is valid: |
| .Bd -literal |
| 0.0.0.0/0 10.20.30.0/24 : PUB 0sAQOrWlcwbAIdNSMhDt... |
| .Ed |
| .\" |
| .Sh SEE ALSO |
| .Xr racoon.conf 5 , |
| .Xr racoon 8 |
| .\" |
| .Sh HISTORY |
| .Nm |
| was written by |
| .An Michal Ludvig Aq michal@logix.cz |
| and first appeared in |
| .Ic ipsec-tools 0.4 . |