… | |
… | |
17 | |
17 | |
18 | =item B<-c>, B<--config=>I<DIR> |
18 | =item B<-c>, B<--config=>I<DIR> |
19 | |
19 | |
20 | Read configuration options from I<DIR>. |
20 | Read configuration options from I<DIR>. |
21 | |
21 | |
22 | =item B<-g>, B<--generate-keys> |
22 | =item B<-g>, B<--generate-key=path> |
23 | |
23 | |
24 | Generate public/private RSA key-pair and exit. |
24 | Generates a single RSA key-pair. The public key will be stored in F<< I<path> >> |
|
|
25 | while the private key will be stored in F<< I<path> .privkey >>. Neither file must be |
|
|
26 | non-empty for this to succeed. |
|
|
27 | |
|
|
28 | The public key file F<< I<path> >> is normally copied to F<pubkey/nodename> in |
|
|
29 | the config directory on all nodes, while the private key F<< I<path>.privkey >> |
|
|
30 | should be copied to the file F<hostkey> on the node the key is for. |
|
|
31 | |
|
|
32 | It's recommended to generate the keypair on the node where it will be |
|
|
33 | used, so that the private key file does not have to travel over the |
|
|
34 | network. |
|
|
35 | |
|
|
36 | =item B<-G>, B<--generate-keys> |
|
|
37 | |
|
|
38 | Generate public/private RSA key-pairs for all nodes not having a key and exit. |
|
|
39 | |
|
|
40 | Note that in normal configurations this will fail, as there cna only be |
|
|
41 | one private key per host. To make this configuration work you need to |
|
|
42 | specify separate keyfiles for hostkeys in your config file, e.g.: |
|
|
43 | |
|
|
44 | private-key = hostkeys/%s |
|
|
45 | |
|
|
46 | Such a configuration makes it easier to distribute a configuration |
|
|
47 | centrally but requires private keys to be transported securely over the |
|
|
48 | network. |
25 | |
49 | |
26 | =item B<-q>, B<--quiet> |
50 | =item B<-q>, B<--quiet> |
27 | |
51 | |
28 | Suppresses messages the author finds nonessential for scripting purposes. |
52 | Suppresses messages the author finds nonessential for scripting purposes. |
29 | |
53 | |