rsa man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

rsa(1ssl)							     rsa(1ssl)

       rsa - RSA key processing tool

       openssl	rsa  [-inform PEM | NET | DER] [-outform PEM | NET | DER] [-in
       filename] [-passin arg] [-out filename] [-passoutarg] [-sgckey]	[-des]
       [-des3] [-idea] [-text] [-noout] [-modulus] [-check] [-pubin] [-pubout]

       Specifies  the  input  format.  The DER option uses an ASN1 DER encoded
       form compatible with the PKCS#1 RSAPrivateKey  or  SubjectPublicKeyInfo
       format. The PEM form is the default format. It consists of the DER for‐
       mat base64 encoded with additional header and footer  lines.  On	 input
       PKCS#8 format private keys are also accepted. The NET form is described
       in the Notes section.  Specifies the output format.  The	 options  have
       the  same  meaning as the -inform option.  Specifies the input filename
       to read a key from or standard input if this option is  not  specified.
       If  the	key  is	 encrypted,  there will be a prompt for a pass phrase.
       Input file password source. For more information about  the  format  of
       arg, see the Pass Phrase Arguments section in openssl(1ssl).  Specifies
       the output filename to write a key to or standard output if this option
       is  not	specified.  If	any encryption options are set, there will bea
       prompt for a  pass phrase. The output filename should not be  the  same
       as  the input filename.	Output file password source. For more informa‐
       tion about the format of arg, see the Pass Phrase Arguments section  in
       openssl(1ssl).  Uses the modified NET algorithm used with some versions
       of Microsoft IIS and SGC keys.  These options encrypt the  private  key
       with the DES, triple DES, or the	 IDEA ciphers respectively before out‐
       putting it. There is a prompt for a  pass  phrase.  If  none  of	 these
       options	is specified the key is written in plain text. This means that
       using the rsa utility to read in an encrypted key  with	no  encryption
       option  can be used to remove the pass phrase from a key, or by setting
       the encryption options it can be used to add or change the pass phrase.
       These  options  can  only be used with PEM format output files.	Prints
       out the various public or private key components in plain text in addi‐
       tion to the encoded version.  Prevents output of the encoded version of
       the key.	 Prints out the value of the modulus of the key.   Checks  the
       consistency  of	an  RSA private key.  By default a private key is read
       from the input file. With this option a public key is read instead.  By
       default	a private key is output. With this option a public key will be
       output instead. This option is automatically set if the input is a pub‐
       lic key.

       The rsa command processes RSA keys. They can be converted between vari‐
       ous forms and their components printed out.  This command uses the tra‐
       ditional	 SSLeay	 compatible  format  for private key encryption. Newer
       applications should use the more secure PKCS#8 format using  the	 pkcs8

       The PEM private key format uses the following header and footer lines:

       The PEM public key format uses the following header and footer lines:
	-----END PUBLIC KEY-----

       The NET form is a format compatible with older Netscape servers and Mi‐
       crosoft IIS files. It uses unsalted RC4 for its encryption. It  is  not
       very secure and should only be used when necessary.

       Some  newer  version of IIS have additional data in the exported files.
       To use these with the utility, view the file with a binary  editor  and
       look  for  the string private-key, then trace back to the byte sequence
       0x30, 0x82. (This is an ASN1 sequence.) Copy all	 the  data  from  this
       point  onwards  to  another  file  and use that as the input to the rsa
       utility with the -inform NET option. If you get an error after entering
       the password try the -sgckey option.

       The command line password arguments do not work with the NET format.

       There  should  be  an  option that automatically handles files, without
       having to manually edit them.

       Remove the pass phrase on an RSA private key: openssl rsa  -in  key.pem
       -out keyout.pem

       Encrypt	a  private key using triple DES: openssl rsa -in key.pem -des3
       -out keyout.pem

       Convert a private key from PEM to DER format: openssl rsa  -in  key.pem
       -outform DER -out keyout.der

       Print  the  components of a private key to standard output: openssl rsa
       -in key.pem -text -noout

       Output the public part of a private key: openssl rsa -in key.pem	 -pub‐
       out -out pubkey.pem

       Commands: pkcs8(1ssl), dsa(1ssl), genrsa(1ssl), gendsa(1ssl)


List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net