ipsec pki --gen


ipsec pki --gen [--type rsa|ecdsa|ed25519|bliss] [--size bits] [--safe-primes]
                [--shares n] [--threshold l] [--outform der|pem]

           --help        (-h)  show usage information
           --type        (-t)  type of key, default: rsa
           --size        (-s)  key length in bits, default: rsa 2048, ecdsa 384, ed25519 256, bliss 1
           --safe-primes (-p)  generate rsa safe primes
           --shares      (-n)  number of private rsa key shares
           --threshold   (-l)  minimum number of participating rsa key shares
           --outform     (-f)  encoding of generated private key, default: der
           --debug       (-v)  set debug level, default: 1
           --options     (-+)  read command line options from file


Generate a new RSA, ECDSA, Ed25519 or BLISS private key.


  • Generate a 3072 bit RSA private key
pki --gen --size 3072 > myKey.der
  • Generate a 256 bit ECDSA private key
pki --gen --type ecdsa --size 256 > myKey.der
  • Generate a BLISS IV private key with a strength of 192 bits
pki --gen --type bliss --size 4 > myKey.der

Problems on Hosts with Low Entropy

If the gmp plugin is used to generate RSA private keys (the default), the key material is read from /dev/random (via the random plugin). The command therefore blocks for as long as the system's entropy pool is empty. To avoid this, either feed /dev/random from a hardware random number generator, or use OpenSSL (via the openssl plugin or the command line), which is less strict about the quality of the key material and falls back to /dev/urandom if necessary.

Since 5.0.1 it is also possible to configure the devices the random plugin uses in strongswan.conf (previously this was only possible via ./configure options). Setting libstrongswan.plugins.random.random to /dev/urandom makes the plugin treat bytes read from /dev/urandom as high-grade random data, which avoids the blocking. This does not, of course, change the fact that key material generated this way is of lower quality.
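As an added example (not from the original page), this is how that setting looks in the nested section syntax of strongswan.conf; the dotted key libstrongswan.plugins.random.random maps onto the sections below. Only the random setting is from the page; the file location is the usual default and is an assumption here.

```conf
# /etc/strongswan.conf (added example, not from the original page)
libstrongswan {
    plugins {
        random {
            # Device the random plugin reads "high grade" random bytes from.
            # Default: /dev/random, which blocks while the entropy pool is empty.
            # Pointing it at /dev/urandom stops pki --gen from blocking, at the
            # cost of weaker key material on a host that really is low on entropy.
            random = /dev/urandom
        }
    }
}
```

Revert to /dev/random (or remove the line) once the host has a proper entropy source, such as a hardware RNG feeding the kernel pool.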


Generate a 2048 bit RSA private key with OpenSSL:

openssl genrsa -out myKey.pem 2048
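The following wrapper ties the two generation paths above together. It is an added example, not part of the strongSwan page or project: it reads the kernel's entropy counter before calling pki --gen, and falls back to openssl genrsa when the pool is low or pki is not installed. It assumes a Linux host (/proc/sys/kernel/random/entropy_avail), pki and openssl in $PATH; the MIN_ENTROPY threshold is an arbitrary value chosen for this example.

```shell
#!/bin/sh
# Added example, not part of the strongSwan wiki page.
# Generate an RSA private key with pki --gen, but look at the kernel entropy
# pool first: with the default gmp plugin, pki reads /dev/random and blocks
# while the pool is empty. When the pool is low (or pki is not installed) the
# script falls back to openssl genrsa, which reads /dev/urandom and does not
# block.
# Assumptions: Linux (/proc/sys/kernel/random/entropy_avail), pki and openssl
# in $PATH. MIN_ENTROPY is an arbitrary threshold chosen for this example.

ENTROPY_FILE=/proc/sys/kernel/random/entropy_avail
MIN_ENTROPY=${MIN_ENTROPY:-256}

# Print the number of entropy bits the kernel reports, or -1 if the
# interface is unavailable (non-Linux host, restricted container).
entropy_avail() {
    if [ -r "$ENTROPY_FILE" ]; then
        cat "$ENTROPY_FILE"
    else
        echo -1
    fi
}

# Succeed (exit 0) when $1 entropy bits satisfy the $2 minimum.
entropy_ok() {
    [ "$1" -ge "$2" ]
}

# Choose the generator: "pki" when enough entropy is available and pki is
# installed, "openssl" otherwise.
#   $1 = entropy bits available   $2 = minimum required
pick_generator() {
    if entropy_ok "$1" "$2" && command -v pki >/dev/null 2>&1; then
        echo pki
    else
        echo openssl
    fi
}

# Generate an RSA private key of $1 bits into file $2.
# pki writes DER (its default --outform); the openssl fallback writes PEM,
# so check the encoding before handing the file to anything that cares.
gen_rsa_key() {
    size=$1
    out=$2
    case "$(pick_generator "$(entropy_avail)" "$MIN_ENTROPY")" in
        pki)
            pki --gen --type rsa --size "$size" --outform der > "$out"
            ;;
        openssl)
            echo "entropy pool low or pki missing: using openssl genrsa (/dev/urandom)" >&2
            openssl genrsa -out "$out" "$size"
            ;;
    esac
}

# Usage, mirroring the page's first example (3072-bit RSA key):
# gen_rsa_key 3072 myKey.der
```

The fallback message goes to stderr so that a script capturing the key on stdout is unaffected; the decision itself lives in pick_generator so it can be tested without generating a key.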