sshkeygen
The sshkeygen program is used to generate SSH public/private keys. The key pairs can be created in KVGroup or PuTTY format, and can be either saved to a file or sent to stdout.
Requirements
To enable logging for this program, you must add a system environment variable, IDM_SUITE_INSTANCE, to define the instance to log; for example: IDM_SUITE_INSTANCE = default. See your operating system documentation to learn how to do this. The program will be logged in:
Bravura Security\Bravura Security Fabric\Logs\<instance name>\idmsuite.log
Usage
sshkeygen [options]
The arguments are described in the following table:
Argument | Description |
|---|---|
-b <bits> | The length of the key in bits. If omitted, the default values will be used:
|
-c <comment> | The comment used in the private and public key files. |
-f <file name> | The name of the key file. If omitted, the stream is written to stdout. |
-t <type> | The key type. The acceptable values are rsa, dsa, ed25519, and sshv1. Default type is rsa. |
-r <format> | The key format: putty or kvg. Default format is kvg. |
Keys generated by sshkeygen in Connector Pack 4.1.x are compatible with Connector Pack 4.2 and above, while the reverse is not compatible.
Warning
Refrain from using SSHv1 keys for systems that support newer protocols. SSHv1 does not meet current security standards; use only for legacy systems that support nothing else.
Conditions
A passphrase must be specified when creating keys.
The minimum of 256 bits is required for rsa and dsa key types.
sshkeygenwill not generate a key otherwise.The acceptable key length for ed25519 is 256 bits. Any other key length will be ignored.
A file name must be provided if the key type is sshv1 and key format is putty.
Key files will not be created if there is already a file with the same name.
KVGroup format for the key pair
The KVGroup format for the user’s key pair is as follows:
# KVGROUP-V1.0
"" "" = {
"Comment" = " "
"Encrypted" = " "
"KeyFingerprint" = " "
"KeyType" = " "
"PrivateKey" = " "
"PrivateMAC" = " "
"PublicKey" = " "
}The KVGroup format for the user’s key pair for SSHv1 is as follows:
# KVGROUP-V1.0
"" "" = {
"A1-RSA-Signature" = "SSH PRIVATE KEY FILE FORMAT 1.1\n"
"Comment" = " "
"KeyFingerprint" = " "
"RSA-SSH1-Key" = " "
"authorized_keys" = " "
}Examples
To use
sshkeygento create a KVGroup format key and write to stdout, type:sshkeygen.exe -r kvg
The output looks like:
# KVGROUP-V1.0 "" "" = { "Comment" = "Public/Private Key Generated by sshkeygen at 2021-01-12 15:44:42 (UTC-07:00)" "Encrypted" = "yes" "KeyFingerprint" = "ssh-rsa 2048 45:2e:38:a4:99:50:ad:10:61:8a:33:da:df:c4:32:e0" "KeyType" = "ssh-rsa" "PrivateKey" = "Vc52v4mvaqyWer+f2roNluuxCcvpAorvAKcgS/dWpW8Pwzf6twJ1eLhfiQ0QrhfMWZTzM9kMdErEHWH+/av0GEfYqMloli74Au+ihOpn0F+ChIwDU/lSheIwGCcEU/3cyH8bBAGFMX7PUhl58FEoO0K0WtM7ROJjEzyO1WswIIDkM2hSvGINpm6jAlxPZUdUwNkhcFh17odSpUgRFVaKRU03BUxMARxNyA4dTzg50uzSOoEyF1sxDSMQUsiNpvlep4m/87xFTt0+h0cvv9yvFMAaRsegXOUu2oug5aBKMGYgiEvZKH0v0LIFcL3OQfp+1h07c01XlA8Bl4REhBqcIRYd9AN+Hwru5Cn99Gg9ygrxAJ1M2ra2+DG3j+NZeqowgbDax2yphFZgytOmbawnWxxICBB+Yp3eZyCsiT78QGGYB2r12ucpTSV8+dR/zqwhg8M6CM6riptdlGjtID7N7cxlbcTw2Cj8b4UbJ+rEXw1ViiwKcOkuBVZsBNkN9Ei1yQublZwIrdsCrRdeRDC9nXQuK02e0P8ZQdhUZA8wGAEu9FSflka7sLdCZ3wxhJip22KMvbVJFrGv9jyyJzaGXSJ3xY/jaUgES6Tz2CJpQZ483D9tPF60pek3AlOUG9JtjaHUzn3svOVNEIuEq/REffKhBtd3q4URX74Qc+kZC0Raw89v7mW+zDhL+h0IDX+LsZMy1x6IV0uJBj5ottBpSKmC/kRZuCDOIBnfRdXIktP5tldXmoctAhh7h8eZBLCHCCV6CnxuxtaWI3ajWNzSVH/CxWmE57brDf2wmIEEr/qkjQbFMMu7NLOSnrFr89AzmnECB6b36FWi0BK5hGpMAXl8QD25n48qheeqfYL4T88+DjFpe3AKEeNge51gYCrW" "PrivateMAC" = "bd5693d9b9c59064a35a3f70ecf397f5b346e50c" "PublicKey" = "AAAAB3NzaC1yc2EAAAABJQAAAQEAy+2xdnaBaHjxqwSUOo+gtIaX3ztLLoB4lYzs+YrcMP5uP3thjGBTOry3JXL4sV2PCL3Gl5pXH6m5t2YyKywGnTHy0SsPs+XqA+JTREYgWihHBILrb16DmdOUo0G3+pQRcnKgxf0xLzKyM/Yv+Rtq3lt/qo0OxBCIJP2Kpl76lggGe+J8JNhbW530DgFw/soqBUNHJ52sdVscvYQNky+tptTrE5xN/bw/OB9gN2uzKMOjWkcZQ6i3yfbpTwjsT4h1b3WhHvHDeYI0y/rc+CyCPqx076u8d0mPKWudJuXyTBkXktQYrO2A0foo/q30idrCNjxniF7iHpimd/EwO0qHgQ==" }To use
sshkeygento create a PuTTY format key and write to stdout, type:sshkeygen.exe -r putty
The output looks like:
PuTTY-User-Key-File-2: ssh-rsa Encryption: aes256-cbc Comment: Public/Private Key Generated by sshkeygen at 2021-01-12 15:56:04 (UTC-07:00) Public-Lines: 6 AAAAB3NzaC1yc2EAAAABJQAAAQEA/XhhGFeZOxU99kV7s43wk4VY9PIeJAHQ+uon Gc2KwFU1Ad288I1kdrZDPWDxZTQfv1KZEIaVWvLO7qSjqOO64TrPXa4ZabLc39JO OaUZxB2BjDnQG3xsRzjPLphp8G63s1xavSLpVdDBtyT+tJzm+VYgYBW1+CWLMFLS RxzpmNrN8P69dJo5cVVcusMLqw7PzlyQt7SdqDzdMJIj8QPv1J3YfZJznnGedTao EC4lWp7ve18utjpy1EOXIPPJShcV5f9hLnVyXKVvnhzT5slaXGJtzP/LvSGCmj3s D3AL7aHfCDvepVeTvsyseC41xoLrzJbHJk/Il5ksn8vSWLWr8Q== Private-Lines: 14 STmae6fZ2+7T7Ji2I3Zp9/J+oiG/F7qGub3t3oWSZ3rvN3UYjWSVXokiSgFjMmg3 bubIeNIGCJDG37PbbFpaLPQv66Zc636EdFxUSAGWQU7LMNN8ALKVXui5yDef+kz+ gw7pL+VLOtHac27ztVKyIPp0HR+zIS1Z9aObVIeuMLxhFk9iUOlrch1dLX6dbaME bBSWFT+a72tOgx+//bbNAhBKcM8W3nDV26Bumr45KZDgsBPiSWxJcffKUcUPwVWh Ou94NCrDvqQyYDmLGnuxvVnJPNMibHVrTIguWj3f8UxpWZ03tIkd12URB/b9BQI4 UOxcXEPayau2u287WwgM1pTb6jvk2fUACu6YdZDcBZYS1IUV3dZyytdIZM/HDd8g JPuKt49s2gL9P9dJpmxbO6Jp38Bv3kxsP5KHneauin48soV0A7ACmIg5zONQOFTC jDlL6XdHeu9bG7b2BOz9XRGG8k4H98gqOQt6AcwBW4/LwXhHIpObKF6h42o9b2iy JnJ2niii5+XmaCGr1O7zEm2G1csQMEAYzRBSYZ4tk7F2qBw6p+JGuOou/NDPo5ec G63TfUAQHPzghjS/sYT44lgAcluIiUq6QhQCO30jMcrSkqtgUlVQALiAmezjEv2v QgofiXJ15q+Ljo2wFHmCwXJzY7u6iV5qhULsjLCBC7s3akjhJWBCp+kd9be6pAz9 5QesvZeRH21yPmGuTiGVjShDkCfvzIV+Sa06E6fuJ1K9ER4TvXxtZRnN4Zv569Pp vVJXScUW5B67JIb9YwSUEjQAefnxrHiS58mvnU09m6BpXN+UI6LeQNKNTq3yp6Qq RzLUTS+oWvnmC2fJz3aasuaShyafSRXxOJ9cRA3iMl5VcwYxWSpbd5byi7/Q/d09 Private-MAC: f81dd3f7a7e0ce4b22dd5ae279ec7bc02c9a9b3d
To use
sshkeygento create a key file using KVGroup format (test.kvg):sshkeygen.exe -r kvg -f "\Program Files\Bravura Security\Bravura Security Fabric\default\script\test.kvg"