1.\" $NetBSD: plainrsa-gen.8,v 1.13 2006/09/19 18:54:39 wiz Exp $ 2.\" 3.\" Id: plainrsa-gen.8,v 1.4 2005/04/18 11:07:55 manubsd Exp 4.\" 5.\" Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany. 6.\" Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs 7.\" All rights reserved. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. Neither the name of the project nor the names of its contributors 18.\" may be used to endorse or promote products derived from this software 19.\" without specific prior written permission. 20.\" 21.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31.\" SUCH DAMAGE. 32.\" 33.Dd June 14, 2004 34.Dt PLAINRSA-GEN 8 35.Os 36.\" 37.Sh NAME 38.Nm plainrsa-gen 39.Nd generator for Plain RSA keys 40.\" 41.Sh SYNOPSIS 42.Nm plainrsa-gen 43.Bk -words 44.Op Fl b Ar bits 45.Op Fl e Ar pubexp 46.Op Fl f Ar outfile 47.Op Fl h 48.Ek 49.\" 50.Sh DESCRIPTION 51.Nm 52can be used to generate 53.Li Plain RSA keys 54for authentication purposes. 55Using 56.Li Plain RSA keys 57is optional. 58Other possibilities are 59.Li Pre-shared keys 60or 61.Li X.509 certificates . 62.\" 63.Bl -tag -width Ds 64.It Fl b Ar bits 65bit length of the key. 66Default is 67.Li 1024 , 68recommended length is 69.Li 2048 70or even 71.Li 4096 72bits. 73Note that generating longer keys takes longer time. 74.It Fl e Ar pubexp 75value of RSA public exponent. 76Default is 77.Li 0x3 . 78Don't change this unless you really know what you are doing! 79.It Fl f Ar outfile 80.Ar outfile 81instead of 82.Li stdout . 83If the file already exists it won't be overwritten. 84You wouldn't like to lose your private key by accident, would you? 85.El 86.\" 87.Sh OUTPUT FILE FORMAT 88This is the secret 89.Li private key 90that should 91.Ic never 92leave your computer: 93.Bd -literal 94: RSA { 95 # RSA 1024 bits 96 # pubkey=0sAQOrWlcwbAIdNSMhDt... 97 Modulus: 0xab5a57306c021d3523... 98 PublicExponent: 0x03 99 PrivateExponent: 0x723c3a2048... 100 Prime1: 0xd309b30e6adf9d85c01... 101 Prime2: 0xcfdc2a8aa5b2b3c90e3... 102 Exponent1: 0x8cb122099c9513ae... 103 Exponent2: 0x8a92c7071921cd30... 104 Coefficient: 0x722751305eafe9... 105 } 106.Ed 107.Pp 108The line 109.Li pubkey=0sAQOrW... 110of the 111.Li private key 112contains a 113.Li public key 114that should be stored in the other peer's configuration in this format: 115.Bd -literal 116: PUB 0sAQOrWlcwbAIdNSMhDt... 117.Ed 118.\" 119.Pp 120You can also specify 121.Li from 122and 123.Li to 124addresses for which the key is valid: 125.Bd -literal 1260.0.0.0/0 10.20.30.0/24 : PUB 0sAQOrWlcwbAIdNSMhDt... 127.Ed 128.\" 129.Sh SEE ALSO 130.Xr racoon.conf 5 , 131.Xr racoon 8 132.\" 133.Sh HISTORY 134.Nm 135was written by 136.An Michal Ludvig Aq michal@logix.cz 137and first appeared in 138.Ic ipsec-tools 0.4 . 139