You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

81 lines
2.4 KiB

  1. .TH sshpk\-sign 1 "Jan 2016" sshpk "sshpk Commands"
  2. .SH NAME
  3. .PP
  4. sshpk\-sign \- sign data using an SSH key
  5. .SH SYNOPSYS
  6. .PP
  7. \fB\fCsshpk\-sign\fR \-i KEYPATH [OPTION...]
  8. .SH DESCRIPTION
  9. .PP
  10. Takes in arbitrary bytes, and signs them using an SSH private key. The key can
  11. be of any type or format supported by the \fB\fCsshpk\fR library, including the
  12. standard OpenSSH formats, as well as PEM PKCS#1 and PKCS#8.
  13. .PP
  14. The signature is printed out in Base64 encoding, unless the \fB\fC\-\-binary\fR or \fB\fC\-b\fR
  15. option is given.
  16. .SH EXAMPLES
  17. .PP
  18. Signing with default settings:
  19. .PP
  20. .RS
  21. .nf
  22. $ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa
  23. MEUCIAMdLS/vXrrtWFepwe...
  24. .fi
  25. .RE
  26. .PP
  27. Signing in SSH (RFC 4253) format (rather than the default ASN.1):
  28. .PP
  29. .RS
  30. .nf
  31. $ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa \-t ssh
  32. AAAAFGVjZHNhLXNoYTIt...
  33. .fi
  34. .RE
  35. .PP
  36. Saving the binary signature to a file:
  37. .PP
  38. .RS
  39. .nf
  40. $ printf 'foo' | sshpk\-sign \-i ~/.ssh/id_ecdsa \\
  41. \-o signature.bin \-b
  42. $ cat signature.bin | base64
  43. MEUCIAMdLS/vXrrtWFepwe...
  44. .fi
  45. .RE
  46. .SH OPTIONS
  47. .TP
  48. \fB\fC\-v, \-\-verbose\fR
  49. Print extra information about the key and signature to stderr when signing.
  50. .TP
  51. \fB\fC\-b, \-\-binary\fR
  52. Don't base64\-encode the signature before outputting it.
  53. .TP
  54. \fB\fC\-i KEY, \-\-identity=KEY\fR
  55. Select the key to be used for signing. \fB\fCKEY\fR must be a relative or absolute
  56. filesystem path to the key file. Any format supported by the \fB\fCsshpk\fR library
  57. is supported, including OpenSSH formats and standard PEM PKCS.
  58. .TP
  59. \fB\fC\-f PATH, \-\-file=PATH\fR
  60. Input file to sign instead of stdin.
  61. .TP
  62. \fB\fC\-o PATH, \-\-out=PATH\fR
  63. Output file to save signature in instead of stdout.
  64. .TP
  65. \fB\fC\-H HASH, \-\-hash=HASH\fR
  66. Set the hash algorithm to be used for signing. This should be one of \fB\fCsha1\fR,
  67. \fB\fCsha256\fR or \fB\fCsha512\fR\&. Some key types may place restrictions on which hash
  68. algorithms may be used (e.g. ED25519 keys can only use SHA\-512).
  69. .TP
  70. \fB\fC\-t FORMAT, \-\-format=FORMAT\fR
  71. Choose the signature format to use, from \fB\fCasn1\fR, \fB\fCssh\fR or \fB\fCraw\fR (only for
  72. ED25519 signatures). The \fB\fCasn1\fR format is the default, as it is the format
  73. used with TLS and typically the standard in most non\-SSH libraries (e.g.
  74. OpenSSL). The \fB\fCssh\fR format is used in the SSH protocol and by the ssh\-agent.
  75. .SH SEE ALSO
  76. .PP
  77. .BR sshpk-verify (1)
  78. .SH BUGS
  79. .PP
  80. Report bugs at Github
  81. \[la]https://github.com/arekinath/node-sshpk/issues\[ra]