Please enable JavaScript to view this site.

A-Shell Development History

New CRYPTOP_GENPUBKEY (6) opcode to generate a public/private key file pair:

xcall CRYPTO, CRYPTOP_GENPUBKEY, status, pubkeyfile, encoding, privkeyfile, decoding, cflags, cipher, passphrase, keybits, cmode

Parameters

pubkeyfile and privkeyfile (in place of the src and dst parameters for other opcodes) must be set to the filespecs for the generated public and private key files.

encoding and decoding should be ""; there are no options for this opcode.

cflags should be set to CRYPF_NONE, since output is always to file

cipher should be set to either CRYPTO_CIPHER_RSA or CRYPTO_CIPHER_DSA (3)

passphrase (in place of the key parameter for other opcodes) must be set to the passphrase to encrypt the private key file or "" for none.

keybits must be a multiple of 64, between 384 and 4096.

cmode determines the format of the public key file:

CRYPTO_MODE_OPENSSH (0) OpenSSH format
CRYPTO_MODE_RFC4716 (3) RFC 4716 format

Comments

For Linux login authentication, the most typical options would be:

cipher = CRYPTO_CIPHER_RSA

keybits = 2048

cmode = CRYPTO_MODE_OPENSSH