Endpoint Security: Creating Keys

CIC allows you to use keys for authentication, encryption, and signing. You can either generate them using CIC (see Generating Keys and Certificates) or generate them outside of CIC. If you generate them outside, you must import them into CIC. This article contains an example of how to create keys you can use in CIC. There are other methods to create keys, and this is not an endorsement of this method of creating keys over any other. 

Creating SSH Keys Using OpenSSH

For Mac and Linux systems, you can generate SSH (OpenSSH) keys from the command line without the need to install additional software.
For Windows, you can also generate SSH (OpenSSH) keys from the command line if you have the Git Bash application (or other software), or if installed, you can use PuTTYgen (part of the PuTTY application package) to generate a key with it's UI.

The following command generates a 2048-bit RSA SSH key with the comment name of MyCompany.

ssh-keygen -f ~/example-sftp-key -t rsa -b 2048 -C MyCompany

You are prompted to input and verify a private key password.

The following files are generated and located in your home directory:
example-sftp-key (your private key file that can be imported into CIC)
example-sftp-key.pub (your public SFTP key that can be provided to your trading partner)

Creating OpenPGP Keys Using GnuPG

For Windows, Mac, and Linux, you can use GnuPG (OpenPGP) command line to create OpenPGP keys.
Use the following command to generate a new PGP key.
gpg --full-generate-key

Follow the prompts and input the desired values

• Type of key (RSA and RSA, default)
• Key size (2048, default)
• Expiration (0, default)
• Real name
• Email address
• Comment (optional)
• Passphrase

Use the following command to export the public PGP key that you can provide to your trading partner.
gpg --output public.pgp --armor --export me@mycompany.com

Use the following command to export the secret key that you can import into CIC.
gpg --output private.pgp --armor --export-secret-key me@mycompany.com