sshd-openpgp-auth-init(1) General Commands Manual sshd-openpgp-auth-init(1)

sshd-openpgp-auth-init - Initialize a new OpenPGP certificate, that serves as trust anchor for public SSH host keys

sshd-openpgp-auth init [-e|--expiry] [-o|--openpgp-dir] [-s|--stdout] [-t|--time] [-h|--help] <HOST>

Initialize a new OpenPGP certificate, that serves as trust anchor for public SSH host keys

By default this function creates an OpenPGP certificate for a hostname, that is valid from now for the next 365 days and writes it to a file in "/var/lib/sshd-openpgp-auth/". The validity period, as well as the point in time from which the certificate is valid can be adjusted. Additionally, the certificate may be written to stdout instead of a file.

The expiry period in days from reference time (defaults to 365)
May also be specified with the SOA_EXPIRY environment variable.
A custom directory into which the OpenPGP certificate is written (defaults to "/var/lib/sshd-openpgp-auth/")
May also be specified with the SOA_OPENPGP_DIR environment variable.
Output the OpenPGP certificate to stdout instead of a file
A custom reference time formatted as an RFC3339 string (defaults to now)
May also be specified with the SOA_TIME environment variable.
Print help (see a summary with '-h')
<HOST>
The hostname, as fully qualified domain name (FQDN), for which a certificate is created
sshd-openpgp-auth-init