]> &COMMANDNAME; &VERSION; Björn Påhlsson

belorn@fukt.bsnet.se

Teddy Hogeborn

teddy@fukt.bsnet.se

2008 Teddy Hogeborn Björn Påhlsson This manual page is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This manual page is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; If not, see . &COMMANDNAME; 8 &COMMANDNAME; Generate keys for password-request 8mandos &COMMANDNAME; --dir directory --type type --length bits --subtype type --sublength bits --name NAME --email EMAIL --comment COMMENT --expire TIME --force &COMMANDNAME; -d directory -t type -l bits -s type -L bits -n NAME -e EMAIL -c COMMENT -x TIME -f &COMMANDNAME; -h --help &COMMANDNAME; -v --version &COMMANDNAME; is a program to generate the OpenPGP keys used by password-request 8mandos. The keys are normally written to /etc/mandos for later installation into the initrd image, but this, like most things, can be changed with command line options. The purpose of this is to enable remote and unattended rebooting of client host computer with an encrypted root file system. See for details. -h, --help Show a help message and exit -d, --dir directory Target directory for key files. -t, --type type Key type. Default is DSA. -l, --length bits Key length in bits. Default is 1024. -s, --subtype type Subkey type. Default is ELG-E (Elgamal encryption-only). -L, --sublength bits Subkey length in bits. Default is 2048. -e, --email address Email address of key. Default is empty. -c, --comment comment Comment field for key. The default value is Mandos client key. -x, --expire time Key expire time. Default is no expiration. See gpg 1 for syntax. -f, --force Force overwriting old keys. This program is a small utility to generate new OpenPGP keys for new Mandos clients. The exit status will be 0 if new keys were successfully created, otherwise not. TMPDIR If set, temporary files will be created here. See mktemp 1. Use the --dir option to change where &COMMANDNAME; will write the key files. The default file names are shown here. /etc/mandos/seckey.txt OpenPGP secret key file which will be created or overwritten. /etc/mandos/pubkey.txt OpenPGP public key file which will be created or overwritten. /tmp Temporary files will be written here if TMPDIR is not set. None are known at this time. Normal invocation needs no options: mandos-keygen Create keys in another directory and of another type. Force overwriting old key files: mandos-keygen --dir ~/keydir --type RSA --force The --type, --length, --subtype, and --sublength options can be used to create keys of insufficient security. If in doubt, leave them to the default values. The key expire time is not guaranteed to be honored by mandos 8. password-request 8mandos, mandos 8, gpg 1