minssl
Software
www.skarnet.org

The minssl-keystore program

minssl-keystore stores a private/public key pair.

Interface

     minssl-keystore [ -k privkeyfile ] [ -K pubkeyfile ]

• minssl-keystore reads a private key, then a public key on stdin.
• It saves the private key to privkeyfile and the public key to pubkeyfile. privkeyfile defaults to key, and pubkeyfile defaults to key.pub.

Notes

Be careful: minssl-keystore overwrites privkeyfile and pubkeyfile without asking, and it is not crash-proof. If you want to replace your keys, you should use minssl-keystore with new filenames, then atomically replace the old private key file with the new one - and same with the public key file.

If privkeyfile does not exist, minssl-keystore creates it with mode 0600. However, other minssl programs do not check private key files' permissions before accepting a private key: it is up to you to be careful when handling private key files, and make sure they are always in 0400 or 0600 mode.