openssl-genrsa

Generate an RSA private key of 2048 bits to stdout

$ openssl genrsa

$ openssl genrsa -out [output_file.key] [1234]

$ openssl genrsa [-aes256]

openssl genrsa [options] [numbits]

numbits: The desired bit length of the RSA private key (e.g., 2048, 4096).

numbits
    The desired bit length for the RSA key. Common values are 2048 or 4096 bits. Higher values increase security but also generation time and computational load. If omitted, OpenSSL defaults to 2048 bits.

-out filename
    Specifies the output file for the generated private key. If not provided, the key is written to standard output (stdout).

-passout arg
    Provides a passphrase for encrypting the private key. The arg can be a literal string, an environment variable, a file, or a prompt specification (e.g., 'pass:your_password', 'env:MY_PASS', 'file:/path/to/passfile').

-des | -des3 | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256
    These options specify the symmetric encryption algorithm to use for encrypting the private key on disk. If none of these are specified, the key is stored unencrypted (which is generally not recommended for production).

-f4 | -no-f4
    Use (or don't use) the default public exponent 0x10001 (Fermat F4). This is the standard and recommended value for RSA public keys and is the default behavior.

-rand file(s)
    Specifies one or more files to seed the pseudo-random number generator (PRNG). Multiple files should be separated by ':' (on Linux/macOS) or ';' (on Windows). Crucial for generating strong, unpredictable keys.

-engine id
    Specifies a hardware engine to use for cryptographic operations, potentially enhancing security and performance for key generation, especially in environments with hardware security modules (HSMs).

-noout
    Prevents the output of the encoded version of the private key. Useful when only wanting to inspect the key with '-text' or check its properties without saving it.

-text
    Prints the key in a human-readable text format, including modulus, public exponent, private exponent, prime factors, and other RSA parameters. This output is helpful for debugging and verification.

-verbose
    Provides more verbose output during key generation, useful for understanding the process, especially when troubleshooting entropy or performance issues.

The openssl genrsa command is a utility within the OpenSSL cryptographic toolkit used to generate RSA private keys. RSA (Rivest–Shamir–Adleman) is an asymmetric cryptographic algorithm widely used for secure data transmission and digital signatures. It relies on a pair of keys: a public key, which can be shared freely, and a private key, which must be kept secret. This command specifically focuses on creating the private component of this pair.

When executed, genrsa generates a new RSA private key of a specified bit length (e.g., 2048 or 4096 bits), which determines the key's strength. Longer keys offer greater security but require more computational resources. The generated key is typically saved in PEM (Privacy-Enhanced Mail) format, which is a Base64 encoded text format. Optionally, the private key can be encrypted on disk using a symmetric cipher (like DES3 or AES256) and a passphrase for added security. This command is a fundamental step in setting up secure communication channels, such as for SSL/TLS certificates, SSH authentication, or digital signing applications.

1. Randomness is paramount: The security of your RSA key relies heavily on the quality of the random numbers used during its generation. Ensure your system has sufficient entropy. A low-entropy environment can lead to weak, predictable keys. Consider using the -rand option or a hardware random number generator if available.

2. Passphrase protection: If you encrypt your private key with a passphrase (highly recommended for production use), choose a strong, unique passphrase. Losing or forgetting this passphrase will render your private key unusable, potentially compromising your entire security setup.

3. Key length choice: While longer keys offer more security, they also increase computational overhead for cryptographic operations. Currently, 2048-bit RSA keys are generally considered secure for most applications, with 4096-bit keys offering enhanced long-term security. Very short keys (e.g., 512 or 1024 bits) are considered insecure for new deployments and should be avoided.

4. Key exposure: Once generated, the private key must be handled with extreme care. It should never be exposed, committed to public repositories, or transmitted insecurely. Its compromise can lead to impersonation, data decryption, or unauthorized signing.

To generate a 2048-bit RSA private key and save it to a file named private_key.pem, prompting for a passphrase to encrypt it with AES-256:
openssl genrsa -aes256 -out private_key.pem 2048

To generate an unencrypted 4096-bit RSA key (less secure for production but useful for specific scenarios like testing):
openssl genrsa -out unencrypted_key.pem 4096

To view the contents of an existing private key (requires passphrase if encrypted):
openssl rsa -in private_key.pem -text -noout (Note: this uses openssl rsa, not genrsa, to process an existing key).

The -f4 option (which is the default behavior if not explicitly overridden by -no-f4) sets the public exponent to 65537 (0x10001). This value, also known as Fermat F4, is a prime number and is widely used because it significantly speeds up public key operations (like encryption and signature verification) compared to other exponents. While theoretically a fixed public exponent could be a weak point if combined with other vulnerabilities, for RSA, it is generally considered safe and standard practice.

The RSA algorithm itself was publicly described in 1977 by Rivest, Shamir, and Adleman, becoming one of the first public-key cryptosystems and foundational to modern cryptography. The openssl command-line tool, and specifically its genrsa subcommand, emerged as a vital component of the OpenSSL project, which was initiated in 1998 as a successor to SSLeay. OpenSSL quickly became the de-facto standard for implementing SSL/TLS, securing web communications, VPNs, and various other network services.

genrsa has been a core part of OpenSSL from its early days, providing the essential capability to create the private key components necessary for SSL/TLS certificates, secure shell (SSH) communications, and other applications relying on asymmetric encryption. Its design reflects the common requirements for key generation: configurable key lengths, options for key encryption, and integration with the wider OpenSSL ecosystem for certificate management.

openssl rsa(1ssl), openssl req(1ssl), openssl x509(1ssl), openssl pkcs8(1ssl)