🟣generate

Generate an asymmetric key pair. The private key is generated on the YubiKey, and written to one of the slots.

ykman piv keys generate OPTIONS SLOT PUBLIC-KEY

Options	Description
-h, --help	Show this message and exit.
-a, --algorithm [RSA1024 RSA2048|ECCP256|ECCP384]	Algorithm to use in key generation. [default: RSA2048]
-F, --format [PEM|DER]	Encoding format. [default: PEM]
-m, --management-key TEXT	The management key.
-P, --pin TEXT	PIN code.
-s, --subject TEXT	Subject for certificate, an RFC 4514 string. [required].
--pin-policy [DEFAULT| NEVER|ONCE|ALWAYS]	PIN policy for slot.
--touch-policy [DEFAULT| NEVER|ALWAYS|CACHED]	Touch policy for slot.

Arguments	Description
PUBLIC-KEY	File containing the generated public key. Use '-' to use stdout.
SLOT	PIV slot of the private key.

HELP

Help Command

Usage: ykman.exe piv keys generate [OPTIONS] SLOT PUBLIC-KEY

  Generate an asymmetric key pair.

  The private key is generated on the YubiKey, and written to one of the slots.

  SLOT        PIV slot of the private key.
  PUBLIC-KEY  File containing the generated public key. Use '-' to use stdout.

Options:
  -m, --management-key TEXT       The management key.
  -P, --pin TEXT                  PIN code.
  -a, --algorithm [RSA1024|RSA2048|ECCP256|ECCP384]
                                  Algorithm to use in key generation.  [default: RSA2048]
  -F, --format [PEM|DER]          Encoding format.  [default: PEM]
  --pin-policy [DEFAULT|NEVER|ONCE|ALWAYS]
                                  PIN policy for slot.
  --touch-policy [DEFAULT|NEVER|ALWAYS|CACHED]
                                  Touch policy for slot.
  -h, --help                      Show this message and exit.

EXAMPLE

example 1