lsh-keygen(1) Generates a keypair and write it on stdout.


lsh-keygen [OPTION...]


CAUTION! The information in this manpage may be invalid or outdated. For authorative information on lsh, please see it's Texinfo manual (see the SEE ALSO section).

Generates a new private key for the desired algorithm and security level and write it on stdout.

You will usually want to pipe the new key into a program like lsh-writekey, to split it into its private and public parts, and optionally encrypt the private information.


-a, --algorithm=Algorithm
DSA or RSA. Default is to generate RSA keys
-l, --nist-level=Security level
For DSA keys, this is the NIST security level: Level 0 uses 512-bit primes, level 8 uses 1024 bit primes, and the default is 8. For RSA keys, it's the bit length of the modulus, and the default is 2048 bits.
Use the server's seed-file
Print huge amounts of debug information
--log-file=File name
Append messages to this file.
-q, --quiet
Suppress all warnings and diagnostic messages
Detailed trace
-v, --verbose
Verbose diagnostic messages
-?, --help
Give this help list
Give a short usage message

-V, --version
Print program version

Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.


See the --log-file , --verbose , --trace and --debug options.


Report bugs to <[email protected]>.


LSH_YARROW_SEED_FILE may be used to specify the random seed file.


The lsh suite of programs is distributed under the GNU General Public License; see the COPYING and AUTHORS files in the source distribution for details.


The lsh program suite is written mainly by Niels Möller <[email protected]>.

This man-page was written for lsh 2.0 by Pontus Freyhult <[email protected]>, it is based on a template written by J.H.M. Dassen (Ray) <[email protected]>.