aboutsummaryrefslogtreecommitdiffstats
path: root/lacme-accountd.1.md
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-09 19:02:44 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-09 19:17:49 +0100
commitc93443364ce23ced97a80bfda8f8bb35ec19fcdb (patch)
tree045db8181eac474416f04c23155355add920ab17 /lacme-accountd.1.md
parent647d28bf9b8da2ce47a888aad71ab5264eea6c6d (diff)
documentation: suggest to generate private key material with genpkey(1ssl).
* Also suggest a command to generate an ECDSA key not just RSA. * Hint at which key algorithms are supported.
Diffstat (limited to 'lacme-accountd.1.md')
-rw-r--r--lacme-accountd.1.md10
1 files changed, 7 insertions, 3 deletions
diff --git a/lacme-accountd.1.md b/lacme-accountd.1.md
index a967b67..24e73eb 100644
--- a/lacme-accountd.1.md
+++ b/lacme-accountd.1.md
@@ -55,10 +55,13 @@ Options
* `gpg:`*FILE*, to specify a [`gpg`(1)]-encrypted private key (in
PEM format).
- The following command can be used to generate a new 4096-bits RSA
- key in PEM format with mode 0600:
+ The [`genpkey`(1ssl)] command can be used to generate a new private
+ (account) key:
- openssl genrsa 4096 | install -m0600 /dev/stdin /path/to/account.key
+ $ install -vm0600 /dev/null /path/to/account.key
+ $ openssl genpkey -algorithm RSA -out /path/to/account.key
+
+ Currently `lacme-accountd` only supports RSA account keys.
`--socket=`*path*
@@ -141,3 +144,4 @@ See also
[`gpg`(1)]: https://www.gnupg.org/documentation/manpage.en.html
[OpenSSH]: https://www.openssh.com/
[`ssh`(1)]: https://man.openbsd.org/ssh
+[`genpkey`(1ssl)]: https://www.openssl.org/docs/manmaster/man1/openssl-genpkey.html