1.\" $NetBSD: plainrsa-gen.8,v 1.10 2005/11/21 14:20:29 manu Exp $ 2.\" 3.\" Id: plainrsa-gen.8,v 1.2.10.1 2005/04/18 11:10:55 manubsd Exp 4.\" 5.\" Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany. 6.\" Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs 7.\" All rights reserved. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. Neither the name of the project nor the names of its contributors 18.\" may be used to endorse or promote products derived from this software 19.\" without specific prior written permission. 20.\" 21.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31.\" SUCH DAMAGE. 32.\" 33.Dd June 14, 2004 34.Dt PLAINRSA-GEN 8 35.Os 36.\" 37.Sh NAME 38.Nm plainrsa-gen 39.Nd generator for Plain RSA keys 40.\" 41.Sh SYNOPSIS 42.Nm plainrsa-gen 43.Bk -words 44.Op Fl b Ar bits 45.Op Fl e Ar pubexp 46.Op Fl f Ar outfile 47.Op Fl h 48.Ek 49.\" 50.Sh DESCRIPTION 51.Nm 52can be used to generate 53.Li Plain RSA keys 54for authentication purposes. 55Using 56.Li Plain RSA keys 57is optional. 58Other possibilities are 59.Li Pre-shared keys 60or 61.Li X.509 certificates . 62.\" 63.Bl -tag -width Ds 64.It Fl b Ar bits 65bit length of the key. 66Default is 67.Li 1024 , 68recommended length is 69.Li 2048 70or even 71.Li 4096 72bits. 73Note that generating longer keys takes more time. 74.It Fl e Ar pubexp 75value of the RSA public exponent. 76Default is 77.Li 0x3 . 78Don't change this unless you really know what you are doing! 79.It Fl f Ar outfile 80write the resulting key to 81.Ar outfile 82instead of 83.Li stdout . 84If the file already exists it won't be overwritten. 85You wouldn't like to lose your private key by accident, would you? 86.El 87.\" 88.Sh OUTPUT FILE FORMAT 89This is the secret 90.Li private key 91that should 92.Ic never 93leave your computer: 94.Bd -literal 95: RSA { 96 # RSA 1024 bits 97 # pubkey=0sAQOrWlcwbAIdNSMhDt... 98 Modulus: 0xab5a57306c021d3523... 99 PublicExponent: 0x03 100 PrivateExponent: 0x723c3a2048... 101 Prime1: 0xd309b30e6adf9d85c01... 102 Prime2: 0xcfdc2a8aa5b2b3c90e3... 103 Exponent1: 0x8cb122099c9513ae... 104 Exponent2: 0x8a92c7071921cd30... 105 Coefficient: 0x722751305eafe9... 106 } 107.Ed 108.Pp 109The line 110.Li pubkey=0sAQOrW... 111of the 112.Li private key 113contains a 114.Li public key 115that should be stored in the other peer's configuration in this format: 116.Bd -literal 117: PUB 0sAQOrWlcwbAIdNSMhDt... 118.Ed 119.\" 120.Pp 121You can also specify 122.Li from 123and 124.Li to 125addresses for which the key is valid: 126.Bd -literal 1270.0.0.0/0 10.20.30.0/24 : PUB 0sAQOrWlcwbAIdNSMhDt... 128.Ed 129.\" 130.Sh SEE ALSO 131.Xr racoon.conf 5 , 132.Xr racoon 8 133.\" 134.Sh HISTORY 135.Nm 136was written by 137.An Michal Ludvig Aq michal@logix.cz 138and first appeared in 139.Ic ipsec-tools 0.4 . 140