# trust key generate Generate and load a signing key-pair ### Options | Name | Type | Default | Description | |:--------|:---------|:--------|:------------------------------------------------------------| | `--dir` | `string` | | Directory to generate key in, defaults to current directory | ## Description `docker trust key generate` generates a key-pair to be used with signing, and loads the private key into the local Docker trust keystore. ## Examples ### Generate a key-pair ```console $ docker trust key generate alice Generating key for alice... Enter passphrase for new alice key with ID 17acf3c: Repeat passphrase for new alice key with ID 17acf3c: Successfully generated and loaded private key. Corresponding public key available: alice.pub $ ls alice.pub ``` The private signing key is encrypted by the passphrase and loaded into the Docker trust keystore. All passphrase requests to sign with the key will be referred to by the provided `NAME`. The public key component `alice.pub` will be available in the current working directory, and can be used directly by `docker trust signer add`. Provide the `--dir` argument to specify a directory to generate the key in: ```console $ docker trust key generate alice --dir /foo Generating key for alice... Enter passphrase for new alice key with ID 17acf3c: Repeat passphrase for new alice key with ID 17acf3c: Successfully generated and loaded private key. Corresponding public key available: alice.pub $ ls /foo alice.pub ```