IBM Streams 4.2.1

Generating authentication keys for IBM Streams

Use this procedure to generate public and private keys for IBM® Streams. Generating public and private keys eliminates the need for IBM Streams users to enter a password when they run streamtool commands.

Before you begin

To successfully use generated authentication keys when a domain is running in an environment without a shared file system, the streamtool genkey command must be run on each resource where the user runs streamtool commands.


Generate public and private keys.
  • To create public and private keys for the user who is entering the command, enter streamtool genkey.
  • If LDAP is used to authenticate IBM Streams users, you can create public and private keys for another user by entering streamtool genkey -U user-id.
The streamtool genkey command generates the following files:
  • Private key: user-id_priv.pem
  • Public key: user-id.pem
IBM Streams stores the private key in the user-home-directory/.streams/key/domain-id directory. The public key is stored in ZooKeeper.