-c scheme, --certificate=scheme
certificate scheme.
scheme is one of RSA-MD2, RSA-MD5, RSA-SHA, RSA-SHA1, RSA-MDC2, RSA-RIPEMD160, DSA-SHA, or DSA-SHA1. Select the certificate message digest/signature encryption scheme. Note that RSA schemes must be used with a RSA sign key and DSA schemes must be used with a DSA sign key. The default without this option is RSA-MD5.
-d, --debug-level
Increase output debug message level. This option may appear an unlimited number of times.
Increase the debugging message output level.
-D string, --set-debug-level=string
Set the output debug message level. This option may appear an unlimited number of times.
Set the output debugging level. Can be supplied multiple times, but each overrides the previous value(s).
-e, --id-key
Write IFF or GQ identity keys.
Write the IFF or GQ client keys to the standard output. This is intended for automatic key distribution by mail.
-G, --gq-params
Generate GQ parameters and keys.
Generate parameters and keys for the GQ identification scheme, obsoleting any that may exist.
-H, --host-key
generate RSA host key.
Generate new host keys, obsoleting any that may exist.
-I, --iffkey
generate IFF parameters.
Generate parameters for the IFF identification scheme, obsoleting any that may exist.
-i issuer-name, --issuer-name=issuer-name
set issuer name.
Set the suject name to name. This is used as the subject field in certificates and in the file name for host and sign keys.
-M, --md5key
generate MD5 keys.
Generate MD5 keys, obsoleting any that may exist.
-m modulus, --modulus=modulus
modulus. This option takes an integer number as its argument. The value of
modulus is constrained to being:in the range 256 through 2048
The number of bits in the prime modulus. The default is 512.
-P, --pvt-cert
generate PC private certificate.
Generate a private certificate. By default, the program generates public certificates.
-p passwd, --pvt-passwd=passwd
output private password.
Encrypt generated files containing private data with the specified password and the DES-CBC algorithm.
-q passwd, --get-pvt-passwd=passwd
input private password.
Set the password for reading files to the specified password.
-S sign, --sign-key=sign
generate sign key (RSA or DSA).
Generate a new sign key of the designated type, obsoleting any that may exist. By default, the program uses the host key as the sign key.
-s host, --subject-name=host
set subject name.
Set the issuer name to name. This is used for the issuer field in certificates and in the file name for identity files.
-T, --trusted-cert
trusted certificate (TC scheme).
Generate a trusted certificate. By default, the program generates a non-trusted certificate.
-V num, --mv-params=num
generate <num> MV parameters. This option takes an integer number as its argument.
Generate parameters and keys for the Mu-Varadharajan (MV) identification scheme.
-v num, --mv-keys=num
update <num> MV keys. This option takes an integer number as its argument.
This option has not been fully documented.
-?, --help
Display extended usage information and exit.
-!, --more-help
Extended usage information passed thru pager.
-> [rcfile], --save-opts[=rcfile]
Save the option state to rcfile. The default is the last configuration file listed in the OPTION PRESETS section, below.
-< rcfile, --load-opts=rcfile, --no-load-opts
Load options from rcfile. The no-load-opts form will disable the loading of earlier RC/INI files. --no-load-opts is handled early, out of order.
- [{v|c|n}], --version[={v|c|n}]
Output version of program and exit. The default mode is `v', a simple version. The `c' mode will print copyright information and `n' will print the full copyright notice.