KEYLOGIN man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]

KEYLOGIN(1)							   KEYLOGIN(1)

NAME
       keylogin - decrypt and store secret key with keyserv

SYNOPSIS
       /usr/bin/keylogin [-r]

DESCRIPTION
       The keylogin command prompts for a password, and uses it to decrypt the
       user's secret key. The key can be found in the /etc/publickey file (see
       publickey(4))  or  the  NIS map ``publickey.byname'' or the  NIS+ table
       ``cred.org_dir'' in the user's  home  domain.  The  sources  and	 their
       lookup  order  are  specified  in the /etc/nsswitch.conf file. See nss‐
       witch.conf(4).  Once decrypted, the user's secret key is stored by  the
       local  key  server  process,  keyserv(1M). This stored key is used when
       issuing requests to any secure RPC services, such as NFS or  NIS+.  The
       program keylogout(1) can be used to delete the key stored by keyserv .

       keylogin fails if it cannot get the caller's key, or the password given
       is incorrect. For a new user or host, a new  key	 can  be  added	 using
       newkey(1M), nisaddcred(1M), or nisclient(1M).

       If  multiple  authentication  mechanisms are configured for the system,
       each of the configured mechanism's secret key is decrypted  and	stored
       by keyserv(1M). See nisauthconf(1M) for information on configuring mul‐
       tiple authentication mechanisms.

OPTIONS
       The following options are supported:

       -r
	     Update the /etc/.rootkey file. This file  holds  the  unencrypted
	     secret  key  of  the  superuser.  Only the superuser can use this
	     option. It is used so that processes  running  as	superuser  can
	     issue  authenticated requests without requiring that the adminis‐
	     trator explicitly run keylogin as	superuser  at  system  startup
	     time. See keyserv(1M). The -r option should be used by the admin‐
	     istrator when the host's entry  in	 the  publickey	 database  has
	     changed,  and  the /etc/.rootkey file has become out-of-date with
	     respect to the actual key pair stored in the publickey  database.
	     The permissions on the /etc/.rootkey file are such that it can be
	     read and written by the superuser but by no  other	 user  on  the
	     system.

	     If multiple authentication mechanisms are configured for the sys‐
	     tem, each of the configured mechanism's secret keys is stored  in
	     the /etc/.rootkey file.

FILES
       /etc/.rootkey
			superuser's secret key

SEE ALSO
       chkey(1),  keylogout(1),	 login(1),  keyserv(1M),  newkey(1M),  nisadd‐
       cred(1M),  nisauthconf(1M),   nisclient(1M),   nsswitch.conf(4),	  pub‐
       lickey(4), attributes(5)

NOTES
       NIS+ might not be supported in future releases of the Solaris operating
       system.	Tools to aid the migration from NIS+ to LDAP are available  in
       the    current	Solaris	  release.   For   more	  information,	 visit
       http://www.sun.com/directory/nisplus/transition.html.

				  Dec 2, 2005			   KEYLOGIN(1)
[top]

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net