puttygen(1) PuTTY tool suite puttygen(1)
NAME
puttygen - public-key generator for the PuTTY tools
SYNOPSIS
puttygen (
keyfile |
-t keytype [
-b bits ] [
--primes method ] [
-q ] )
[
-C new-comment ] [
-P ] [
--reencrypt ]
[
--certificate cert-file |
--remove-certificate ]
[
-O output-type |
-l |
-L |
-p |
--dump |
--cert-info ]
[
--ppk-param key=value,... |
-E fptype ]
[
-o output-file ]
DESCRIPTION
puttygen is a tool to generate and manipulate SSH public and private
key pairs. It is part of the PuTTY suite, although it can also
interoperate with the key formats used by some other SSH clients.
When you run
puttygen, it does three things. Firstly, it either loads
an existing key file (if you specified
keyfile), or generates a new
key (if you specified
keytype). Then, it optionally makes
modifications to the key (such as changing the comment and/or the
passphrase); finally, it outputs the key, or some information about
the key, to a file.
All three of these phases are controlled by the options described in
the following section.
OPTIONS
In the first phase,
puttygen either loads or generates a key. Note
that generating a key requires random data, which can cause
puttygen to pause, possibly for some time if your system does not have much
randomness available.
The options to control this phase are:
keyfile Specify a key file to be loaded. (Use `
-' to read a key file
from standard input.)
Usually this will be a private key, which can be in the (de
facto standard) SSH-1 key format, or in PuTTY's SSH-2 key
format, or in either of the SSH-2 private key formats used by
OpenSSH and ssh.com's implementation.
You can also specify a file containing only a
public key here.
The operations you can do are limited to outputting another
public key format (possibly removing an attached certificate
first), or a fingerprint. Public keys can be in RFC 4716 or
OpenSSH format, or the standard SSH-1 format.
-t keytype Specify a type of key to generate. The acceptable values here
are
rsa,
dsa,
ecdsa,
eddsa,
ed25519, and
ed448 (to generate
SSH-2 keys), and
rsa1 (to generate SSH-1 keys).
-b bits Specify the size of the key to generate, in bits. Default for
rsa and
dsa keys is 2048.
--primes method Method for generating prime numbers. The acceptable values
here are
probable (the default),
proven, and
proven-even; the
later methods are slower. (Various synonyms for these method
names are also accepted.)
The `probable primes' method sounds unsafe, but it's the most
commonly used prime-generation strategy. There is in theory a
possibility that it might accidentally generate a number that
isn't prime, but the software does enough checking to make
that probability vanishingly small (less than 1 in 2^80, or 1
in 10^24). So, in practice, nobody worries about it very much.
The other methods cause PuTTYgen to use numbers that it is
sure are prime, because it generates the output number
together with a proof of its primality. This takes more
effort, but it eliminates that theoretical risk in the
probabilistic method.
You might choose to switch from probable to proven primes if
you have a local security standard that demands it, or if you
don't trust the probabilistic argument for the safety of the
usual method.
--strong-rsa When generating an RSA key, make sure the prime factors of the
key modulus are `strong primes'. A strong prime is a prime
number chosen to have a particular structure that makes
certain factoring algorithms more difficult to apply, so some
security standards recommend their use. However, the most
modern factoring algorithms are unaffected, so this option is
probably not worth turning on
unless you have a local standard
that recommends it.
-q Suppress the progress display when generating a new key.
--old-passphrase file Specify a file name; the first line will be read from this
file (removing any trailing newline) and used as the old
passphrase.
CAUTION: If the passphrase is important, the file
should be stored on a temporary filesystem or else securely
erased after use.
--random-device device Specify device to read entropy from. By default,
puttygen uses
/dev/urandom, falling back to
/dev/random if it has to.
In the second phase,
puttygen optionally alters properties of the key
it has loaded or generated. The options to control this are:
-C new-comment Specify a comment string to describe the key. This comment
string will be used by PuTTY to identify the key to you (when
asking you to enter the passphrase, for example, so that you
know which passphrase to type).
-P Indicate that you want to change the key's passphrase. This is
automatic when you are generating a new key, but not when you
are modifying an existing key.
--certificate certificate-file Adds an OpenSSH-style certificate to the public half of the
key, so that the output file contains a certified public key
with the same private key. If the input file already contained
a certificate, it will be replaced with the new one. (Use `
-'
to read a certificate from standard input.)
--remove-certificate Removes any certificate that was part of the key, to recover
the uncertified version of the underlying key.
--reencrypt For an existing private key saved with a passphrase, refresh
the encryption without changing the passphrase.
This is most likely to be useful with the
--ppk-param option,
to change some aspect of the key file's format or encryption.
--ppk-param key=value,...
When saving a PPK file (the default
private output type for
SSH-2 keys), adjust details of the on-disk format.
Aspects to change are specified as a series of
key=value pairs
separated by commas. The
keys are:
version The PPK format version. Possible values are
3 (the
default) and
2 (which is less resistant to brute-force
decryption, but which you might need if your key needs
to be used by old versions of PuTTY tools, or other PPK
consumers).
The following
keys only affect PPK version 3 files.
kdf The variant of the Argon2 key derivation function to
use. Options are
argon2id (default, and recommended),
argon2i, and
argon2d.
You might change this if you consider your exposure to
side-channel attacks to be different to the norm.
memory The amount of memory needed to decrypt the key, in
Kbyte. Default is 8192 (i.e., 8 Mbyte).
time Approximate time, on this machine, required to attempt
decrypting the key, in milliseconds. Default is 100
(ms).
passes Alternative to
time: explicitly specify the number of
hash passes required to attempt decrypting the key.
parallelism Number of parallelisable threads that can be used to
decrypt the key. Default is 1 (force decryption to run
single-threaded).
In the third phase,
puttygen saves the key or information about it.
The options to control this are:
-O output-type Specify the type of output you want
puttygen to produce.
Acceptable options are:
private Save the private key in a format usable by PuTTY. This
will either be the standard SSH-1 key format, or
PuTTY's own SSH-2 key format (`PPK'). This is the
default.
public Save the public key only. For SSH-1 keys, the standard
public key format will be used (`
1024 37 5698745...').
For SSH-2 keys, the public key will be output in the
format specified by RFC 4716, which is a multi-line
text file beginning with the line `
---- BEGIN SSH2 PUBLIC KEY ----'.
public-openssh Save the public key only, in a format usable by
OpenSSH. For SSH-1 keys, this output format behaves
identically to
public. For SSH-2 keys, the public key
will be output in the OpenSSH format, which is a single
line (`
ssh-rsa AAAAB3NzaC1yc2...').
fingerprint Print a fingerprint of the public key. The
-E option
lets you specify which fingerprinting algorithm to use.
All algorithms are believed compatible with OpenSSH.
private-openssh Save an SSH-2 private key in OpenSSH's format, using
the oldest format available to maximise backward
compatibility. This option is not permitted for SSH-1
keys.
private-openssh-new As
private-openssh, except that it forces the use of
OpenSSH's newer format even for RSA, DSA, and ECDSA
keys.
private-sshcom Save an SSH-2 private key in ssh.com's format. This
option is not permitted for SSH-1 keys.
cert-info Save a textual dump of information about the
certificate on the key, if any: whether it's a host or
a user certificate, what host(s) or user(s) it's
certified to be, its validity period, ID and serial
number, and the fingerprint of the signing CA.
text Save a textual dump of the numeric components
comprising the key (both the public and private parts,
if present). Useful for debugging, or for using
PuTTYgen as a key generator for applications other than
SSH.
The output consists of a series of
name=value lines,
where each
value is either a C-like string literal in
double quotes, a hexadecimal number starting with
0x..., or a binary blob encoded with base64, denoted by
b64("...").
If no output type is specified, the default is
private.
-o output-file Specify the file where
puttygen should write its output. If
this option is not specified,
puttygen will assume you want to
overwrite the original file if the input and output file types
are the same (changing a comment or passphrase), and will
assume you want to output to stdout if you are asking for a
public key, fingerprint, or one of the textual dump types.
Otherwise, the
-o option is required.
-l Synonym for `
-O fingerprint'.
-L Synonym for `
-O public-openssh'.
-p Synonym for `
-O public'.
--cert-info Synonym for `
-O cert-info'.
--dump Synonym for `
-O text'.
-E fptype Specify the algorithm to use if generating a fingerprint. The
available algorithms are are
sha256 (the default) and
md5.
By default, when showing the fingerprint of a public key that
includes a certificate,
puttygen will not include the
certificate, so that the fingerprint shown will be the same as
the underlying public key. If you want the fingerprint
including the certificate (for example, so as to tell two
certified keys apart), you can specify
sha256-cert or
md5-cert as the fingerprint type.
--new-passphrase file Specify a file name; the first line will be read from this
file (removing any trailing newline) and used as the new
passphrase. If the file is empty then the saved key will be
unencrypted.
CAUTION: If the passphrase is important, the file
should be stored on a temporary filesystem or else securely
erased after use.
The following options do not run PuTTYgen as normal, but print
informational messages and then quit:
-h,
--help Display a message summarizing the available options.
-V,
--version Display the version of PuTTYgen.
--pgpfp Display the fingerprints of the PuTTY PGP Master Keys, to aid
in verifying new files released by the PuTTY team.
EXAMPLES
To generate an SSH-2 RSA key pair and save it in PuTTY's own format
(you will be prompted for the passphrase):
puttygen -t rsa -C "my home key" -o mykey.ppk
To generate a larger (4096-bit) key:
puttygen -t rsa -b 4096 -C "my home key" -o mykey.ppk
To change the passphrase on a key (you will be prompted for the old
and new passphrases):
puttygen -P mykey.ppk
To change the comment on a key:
puttygen -C "new comment" mykey.ppk
To convert a key into OpenSSH's private key format:
puttygen mykey.ppk -O private-openssh -o my-openssh-key
To convert a key
from another format (
puttygen will automatically
detect the input key type):
puttygen my-ssh.com-key -o mykey.ppk
To display the SHA-256 fingerprint of a key (some key types require a
passphrase to extract even this much information):
puttygen -l mykey.ppk
To add the OpenSSH-format public half of a key to your authorised
keys file:
puttygen -L mykey.ppk >> $HOME/.ssh/authorized_keys
PuTTY tool suite 2004-03-24 puttygen(1)
