EnglishFrenchSpanish

Ubuntu | Fedora | VPN | File sharing


OnWorks favicon

pki---gen - Online in the Cloud

Run pki---gen in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command pki---gen that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


pki --gen - Generate a new RSA or ECDSA private key

SYNOPSIS


pki --gen [--type type] [--size bits] [--safe-primes] [--shares n] [--threshold l]
[--outform encoding] [--debug level]

pki --gen --options file

pki --gen -h | --help

DESCRIPTION


This sub-command of pki(1) is used to generate a new RSA or ECDSA private key.

OPTIONS


-h, --help
Print usage information with a summary of the available options.

-v, --debug level
Set debug level, default: 1.

-+, --options file
Read command line options from file.

-t, --type type
Type of key to generate. Either rsa or ecdsa, defaults to rsa.

-s, --size bits
Key length in bits. Defaults to 2048 for rsa and 384 for ecdsa. For ecdsa only
three values are currently supported: 256, 384 and 521.

-p, --safe-primes
Generate RSA safe primes.

-f, --outform encoding
Encoding of the generated private key. Either der (ASN.1 DER) or pem (Base64 PEM),
defaults to der.

RSA Threshold Cryptography
-n, --shares <n>
Number of private RSA key shares.

-l, --threshold <l>
Minimum number of participating RSA key shares.

PROBLEMS ON HOSTS WITH LOW ENTROPY


If the gmp plugin is used to generate RSA private keys the key material is read from
/dev/random (via the random plugin). Therefore, the command may block if the system's
entropy pool is empty. To avoid this, either use a hardware random number generator to
feed /dev/random or use OpenSSL (via the openssl plugin or the command line) which is not
as strict in regards to the quality of the key material (it reads from /dev/urandom if
necessary). It is also possible to configure the devices used by the random plugin in
strongswan.conf(5). Setting libstrongswan.plugins.random.random to /dev/urandom forces
the plugin to treat bytes read from /dev/urandom as high grade random data, thus avoiding
the blocking. Of course, this doesn't change the fact that the key material generated this
way is of lower quality.

EXAMPLES


pki --gen --size 3072 > rsa_key.der
Generates a 3072-bit RSA private key.

pki --gen --type ecdsa --size 256 > ecdsa_key.der
Generates a 256-bit ECDSA private key.

Use pki---gen online using onworks.net services


Free Servers & Workstations


Download Windows & Linux apps


Linux commands

Ad




ABOUT ONWORKS®

OnWorks is a free online VPS hosting provider that gives cloud services like free workstations, online AntiVirus, free VPN secure proxies, and free personal and business email. Our free VPS can be based on CentOS, Fedora, Ubuntu and Debian. Some of them are customized to be like Windows online or MacOS online.

Site Links
Our Sites

Copyright ©2024 OffiDocs Group OU. All Rights Reserved. OnWorks® is a registered trademark.