diff options
Diffstat (limited to 'ipsec-tools/src/racoon/plainrsa-gen.8')
-rw-r--r-- | ipsec-tools/src/racoon/plainrsa-gen.8 | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/plainrsa-gen.8 b/ipsec-tools/src/racoon/plainrsa-gen.8 new file mode 100644 index 00000000..377de2dc --- /dev/null +++ b/ipsec-tools/src/racoon/plainrsa-gen.8 @@ -0,0 +1,138 @@ +.\" $NetBSD: plainrsa-gen.8,v 1.13 2006/09/19 18:54:39 wiz Exp $ +.\" +.\" Id: plainrsa-gen.8,v 1.4 2005/04/18 11:07:55 manubsd Exp +.\" +.\" Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany. +.\" Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the project nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.Dd June 14, 2004 +.Dt PLAINRSA-GEN 8 +.Os +.\" +.Sh NAME +.Nm plainrsa-gen +.Nd generator for Plain RSA keys +.\" +.Sh SYNOPSIS +.Nm plainrsa-gen +.Bk -words +.Op Fl b Ar bits +.Op Fl e Ar pubexp +.Op Fl f Ar outfile +.Op Fl h +.Ek +.\" +.Sh DESCRIPTION +.Nm +can be used to generate +.Li Plain RSA keys +for authentication purposes. +Using +.Li Plain RSA keys +is optional. +Other possibilities are +.Li Pre-shared keys +or +.Li X.509 certificates . +.\" +.Bl -tag -width Ds +.It Fl b Ar bits +bit length of the key. +Default is +.Li 1024 , +recommended length is +.Li 2048 +or even +.Li 4096 +bits. +Note that generating longer keys takes longer time. +.It Fl e Ar pubexp +value of RSA public exponent. +Default is +.Li 0x3 . +Don't change this unless you really know what you are doing! +.It Fl f Ar outfile +.Ar outfile +instead of +.Li stdout . +If the file already exists it won't be overwritten. +You wouldn't like to lose your private key by accident, would you? +.El +.\" +.Sh OUTPUT FILE FORMAT +This is the secret +.Li private key +that should +.Ic never +leave your computer: +.Bd -literal +: RSA { + # RSA 1024 bits + # pubkey=0sAQOrWlcwbAIdNSMhDt... + Modulus: 0xab5a57306c021d3523... + PublicExponent: 0x03 + PrivateExponent: 0x723c3a2048... + Prime1: 0xd309b30e6adf9d85c01... + Prime2: 0xcfdc2a8aa5b2b3c90e3... + Exponent1: 0x8cb122099c9513ae... + Exponent2: 0x8a92c7071921cd30... + Coefficient: 0x722751305eafe9... + } +.Ed +.Pp +The line +.Li pubkey=0sAQOrW... +of the +.Li private key +contains a +.Li public key +that should be stored in the other peer's configuration in this format: +.Bd -literal +: PUB 0sAQOrWlcwbAIdNSMhDt... +.Ed +.\" +.Pp +You can also specify +.Li from +and +.Li to +addresses for which the key is valid: +.Bd -literal +0.0.0.0/0 10.20.30.0/24 : PUB 0sAQOrWlcwbAIdNSMhDt... +.Ed +.\" +.Sh SEE ALSO +.Xr racoon.conf 5 , +.Xr racoon 8 +.\" +.Sh HISTORY +.Nm +was written by +.An Michal Ludvig Aq michal@logix.cz +and first appeared in +.Ic ipsec-tools 0.4 . |