.\" $NetBSD: plainrsa-gen.8,v 1.13 2006/09/19 18:54:39 wiz Exp $
|
.\"
|
.\" Id: plainrsa-gen.8,v 1.4 2005/04/18 11:07:55 manubsd Exp
|
.\"
|
.\" Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
|
.\" Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs
|
.\" All rights reserved.
|
.\"
|
.\" Redistribution and use in source and binary forms, with or without
|
.\" modification, are permitted provided that the following conditions
|
.\" are met:
|
.\" 1. Redistributions of source code must retain the above copyright
|
.\" notice, this list of conditions and the following disclaimer.
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
.\" notice, this list of conditions and the following disclaimer in the
|
.\" documentation and/or other materials provided with the distribution.
|
.\" 3. Neither the name of the project nor the names of its contributors
|
.\" may be used to endorse or promote products derived from this software
|
.\" without specific prior written permission.
|
.\"
|
.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
.\" SUCH DAMAGE.
|
.\"
|
.Dd June 14, 2004
|
.Dt PLAINRSA-GEN 8
|
.Os
|
.\"
|
.Sh NAME
|
.Nm plainrsa-gen
|
.Nd generator for Plain RSA keys
|
.\"
|
.Sh SYNOPSIS
|
.Nm plainrsa-gen
|
.Bk -words
|
.Op Fl b Ar bits
|
.Op Fl e Ar pubexp
|
.Op Fl f Ar outfile
|
.Op Fl h
|
.Ek
|
.\"
|
.Sh DESCRIPTION
|
.Nm
|
can be used to generate
|
.Li Plain RSA keys
|
for authentication purposes.
|
Using
|
.Li Plain RSA keys
|
is optional.
|
Other possibilities are
|
.Li Pre-shared keys
|
or
|
.Li X.509 certificates .
|
.\"
|
.Bl -tag -width Ds
|
.It Fl b Ar bits
|
bit length of the key.
|
Default is
|
.Li 1024 ,
|
recommended length is
|
.Li 2048
|
or even
|
.Li 4096
|
bits.
|
Note that generating longer keys takes longer time.
|
.It Fl e Ar pubexp
|
value of RSA public exponent.
|
Default is
|
.Li 0x3 .
|
Don't change this unless you really know what you are doing!
|
.It Fl f Ar outfile
|
.Ar outfile
|
instead of
|
.Li stdout .
|
If the file already exists it won't be overwritten.
|
You wouldn't like to lose your private key by accident, would you?
|
.El
|
.\"
|
.Sh OUTPUT FILE FORMAT
|
This is the secret
|
.Li private key
|
that should
|
.Ic never
|
leave your computer:
|
.Bd -literal
|
: RSA {
|
# RSA 1024 bits
|
# pubkey=0sAQOrWlcwbAIdNSMhDt...
|
Modulus: 0xab5a57306c021d3523...
|
PublicExponent: 0x03
|
PrivateExponent: 0x723c3a2048...
|
Prime1: 0xd309b30e6adf9d85c01...
|
Prime2: 0xcfdc2a8aa5b2b3c90e3...
|
Exponent1: 0x8cb122099c9513ae...
|
Exponent2: 0x8a92c7071921cd30...
|
Coefficient: 0x722751305eafe9...
|
}
|
.Ed
|
.Pp
|
The line
|
.Li pubkey=0sAQOrW...
|
of the
|
.Li private key
|
contains a
|
.Li public key
|
that should be stored in the other peer's configuration in this format:
|
.Bd -literal
|
: PUB 0sAQOrWlcwbAIdNSMhDt...
|
.Ed
|
.\"
|
.Pp
|
You can also specify
|
.Li from
|
and
|
.Li to
|
addresses for which the key is valid:
|
.Bd -literal
|
0.0.0.0/0 10.20.30.0/24 : PUB 0sAQOrWlcwbAIdNSMhDt...
|
.Ed
|
.\"
|
.Sh SEE ALSO
|
.Xr racoon.conf 5 ,
|
.Xr racoon 8
|
.\"
|
.Sh HISTORY
|
.Nm
|
was written by
|
.An Michal Ludvig Aq michal@logix.cz
|
and first appeared in
|
.Ic ipsec-tools 0.4 .
|
