sshd-openpgp-auth-init(1) | General Commands Manual | sshd-openpgp-auth-init(1) |
NAME
sshd-openpgp-auth-init - Initialize a new OpenPGP certificate, that serves as trust anchor for public SSH host keys
SYNOPSIS
sshd-openpgp-auth init [-e|--expiry] [-o|--openpgp-dir] [-s|--stdout] [-t|--time] [-h|--help] <HOST>
DESCRIPTION
Initialize a new OpenPGP certificate, that serves as trust anchor for public SSH host keys
By default this function creates an OpenPGP certificate for a hostname, that is valid from now for the next 365 days and writes it to a file in "/var/lib/sshd-openpgp-auth/". The validity period, as well as the point in time from which the certificate is valid can be adjusted. Additionally, the certificate may be written to stdout instead of a file.
OPTIONS
- -e, --expiry=EXPIRY
- The expiry period in days from reference time (defaults to 365)
May also be specified with the SOA_EXPIRY
environment variable.
- -o, --openpgp-dir=DIR
- A custom directory into which the OpenPGP certificate is written (defaults to "/var/lib/sshd-openpgp-auth/")
May also be specified with the SOA_OPENPGP_DIR
environment variable.
- -s, --stdout
- Output the OpenPGP certificate to stdout instead of a file
- -t, --time=TIME
- A custom reference time formatted as an RFC3339 string (defaults to now)
May also be specified with the SOA_TIME
environment variable.
- -h, --help
- Print help (see a summary with '-h')
- <HOST>
- The hostname, as fully qualified domain name (FQDN), for which a certificate is created
sshd-openpgp-auth-init |