CREATESIGNERKEY(8) CREATESIGNERKEY(8)
NAME
createsignerkey - create signer key on authentication server
SYNOPSIS
lib/createsignerkey [ -a alg ] [ -f keyfile ] [ -e expiry ]
[ -b bitsize ] name
DESCRIPTION
Createsignerkey creates public and private keys that are
used by a server acting as `signer' to generate certificates
for users. Name appears as signer in each certificate. The
expiry date has the form ddmmyyyy, is converted to seconds
since the epoch (see daytime(2)) and stored in the keyfile;
by default the server's certificate never expires. The key
will be bitsize long (default: 512 bits) with a minimum of
32 bits and a maximum of 4096 bits. Keyfile is the file in
which the server stores its keys; the default is
/keydb/signerkey, and many security programs such as
logind(8) expect to find keys there. The mode of the
keyfile should be set to be readable only by the user run-
ning those programs.
The -a option specifies the signature algorithm. Currently
alg can be either elgamal or rsa. El-Gamal keys are used by
default.
FILES
/keydb/signerkey
SOURCE
/appl/lib/createsignerkey.b
SEE ALSO
security-auth(2), keyring-gensk(2), logind(8), signer(8)