ssh-keydgen

command module
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 8, 2018 License: Apache-2.0 Imports: 14 Imported by: 0

README

ssh-keydgen Go Report Card Build Status Github All Releases

Generate Deterministic SSH keys

NAME:
   ssh-keydgen - deterministic authentication key generation

USAGE:
   ssh-keydgen [[-t <type>] [-b <bits>] [-c <curve>] [-f <filename>] [-a <rounds>] [--at <time>] [--am <memory>] [--as <seedphrase>] [--aa]]

AUTHOR:
   cornfeedhobo

GLOBAL OPTIONS:
   -t type          Specifies the type of key to create. The possible values are "dsa", "ecdsa", "rsa", or "ed25519". (default: "rsa")
   -b bits          Specifies the number of bits in the key to create. Possible values are restricted by key type. (default: 2048)
   -c curve         Specifies the elliptic curve to use. The possible values are 256, 384, or 521. (default: 256)
   -f filename      Specifies the filename of the key file.
   -a rounds        Specifies the number of hashing rounds applied during key generation. (default: 1000)
   --at time        Specifies the time parameter for the Argon2 function. (default: 3)
   --am memory      Specifies the memory parameter for the Argon2 function. (default: 16384)
   --ap threads     Specifies the threads or parallelism for the Argon2 function. (default: 1)
   --as seedphrase  Provides the deterministic seedphrase.
   --aa             Add the generated key to the running ssh-agent.

COPYRIGHT:
   (c) 2018 cornfeedhobo

Usage

  1. Generate your keys

    keydgen -f path/to/deterministic_key
    ls -lh path/to/deterministic_key*
    
  2. Allow time to pass, hoping an emergency does not arise when you have no access to your keys ...

    If the time comes where you need access but can't get to your keys, you can then obtain this utility and re-generate, or even directly add your key to a running ssh-agent.

    ssh-keydgen --aa
    
  3. Profit!

FAQ

What Go versions are supported?

Go 1.9 or later

How can I verify the generated key is valid?

Until there are more implementations of this generation scheme, you can at least verify the private key is usable and the public key matches what openssh generates.

cat path/to/deterministic_key.pub
ssh-keygen -y -f path/to/deterministic_key

If the above outputs don't match, the public key was not generated properly. If you are prompted for a password, the private key was not generated properly.

How can I encrypt my key after generation?
ssh-keygen -p -f path/to/deterministic_key

Is it any good?

Yes

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis
Package keygen package is a single entry point for generating OpenSSH keys
Package keygen package is a single entry point for generating OpenSSH keys
Package slowseeder implements a drop-in replacement for a rand source intended for cryptographic key generation.
Package slowseeder implements a drop-in replacement for a rand source intended for cryptographic key generation.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL