.TH sshpk-sign 1 “Jan 2016” sshpk “sshpk Commands” .SH NAME .PP sshpk-sign - sign data using an SSH key .SH SYNOPSYS .PP fBfCsshpk-signfR -i KEYPATH [OPTION…] .SH DESCRIPTION .PP Takes in arbitrary bytes, and signs them using an SSH private key. The key can be of any type or format supported by the fBfCsshpkfR library, including the standard OpenSSH formats, as well as PEM PKCS#1 and PKCS#8. .PP The signature is printed out in Base64 encoding, unless the fBfC--binaryfR or fBfC-bfR option is given. .SH EXAMPLES .PP Signing with default settings: .PP .RS .nf $ printf 'foo' | sshpk-sign -i ~/.ssh/id_ecdsa MEUCIAMdLS/vXrrtWFepwe… .fi .RE .PP Signing in SSH (RFC 4253) format (rather than the default ASN.1): .PP .RS .nf $ printf 'foo' | sshpk-sign -i ~/.ssh/id_ecdsa -t ssh AAAAFGVjZHNhLXNoYTIt… .fi .RE .PP Saving the binary signature to a file: .PP .RS .nf $ printf 'foo' | sshpk-sign -i ~/.ssh/id_ecdsa \

\-o signature.bin \-b

$ cat signature.bin | base64 MEUCIAMdLS/vXrrtWFepwe… .fi .RE .SH OPTIONS .TP fBfC-v, --verbosefR Print extra information about the key and signature to stderr when signing. .TP fBfC-b, --binaryfR Don't base64-encode the signature before outputting it. .TP fBfC-i KEY, --identity=KEYfR Select the key to be used for signing. fBfCKEYfR must be a relative or absolute filesystem path to the key file. Any format supported by the fBfCsshpkfR library is supported, including OpenSSH formats and standard PEM PKCS. .TP fBfC-f PATH, --file=PATHfR Input file to sign instead of stdin. .TP fBfC-o PATH, --out=PATHfR Output file to save signature in instead of stdout. .TP fBfC-H HASH, --hash=HASHfR Set the hash algorithm to be used for signing. This should be one of fBfCsha1fR, fBfCsha256fR or fBfCsha512fR&. Some key types may place restrictions on which hash algorithms may be used (e.g. ED25519 keys can only use SHA-512). .TP fBfC-t FORMAT, --format=FORMATfR Choose the signature format to use, from fBfCasn1fR, fBfCsshfR or fBfCrawfR (only for ED25519 signatures). The fBfCasn1fR format is the default, as it is the format used with TLS and typically the standard in most non-SSH libraries (e.g. OpenSSL). The fBfCsshfR format is used in the SSH protocol and by the ssh-agent. .SH SEE ALSO .PP .BR sshpk-verify (1) .SH BUGS .PP Report bugs at Github [la]https://github.com/arekinath/node-sshpk/issues[ra]