Unix/Linux Go Back    

OpenSolaris 2009.06 - man page for keylogin (opensolaris section 1)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)

keylogin(1)				  User Commands 			      keylogin(1)

       keylogin - decrypt and store secret key with keyserv

       /usr/bin/keylogin [-r]

       The keylogin command prompts for a password, and uses it to decrypt the user's secret key.
       The key can be found in the /etc/publickey file (see publickey(4)) or the  NIS map  ``pub-
       lickey.byname'' or the  NIS+ table ``cred.org_dir'' in the user's home domain. The sources
       and their lookup order are specified in the /etc/nsswitch.conf file. See nsswitch.conf(4).
       Once  decrypted,  the  user's  secret  key is stored by the local key server process, key-
       serv(1M). This stored key is used when issuing requests to any secure RPC  services,  such
       as NFS or NIS+. The program keylogout(1) can be used to delete the key stored by keyserv .

       keylogin  fails if it cannot get the caller's key, or the password given is incorrect. For
       a new user or host,  a  new  key  can  be  added  using	 newkey(1M),  nisaddcred(1M),  or

       If  multiple  authentication mechanisms are configured for the system, each of the config-
       ured mechanism's secret key is decrypted and stored by  keyserv(1M).  See  nisauthconf(1M)
       for information on configuring multiple authentication mechanisms.

       The following options are supported:

       -r    Update  the  /etc/.rootkey  file.	This file holds the unencrypted secret key of the
	     superuser. Only the superuser can use this option. It is used so that processes run-
	     ning as superuser can issue authenticated requests without requiring that the admin-
	     istrator explicitly run keylogin as superuser  at	system	startup  time.	See  key-
	     serv(1M). The -r option should be used by the administrator when the host's entry in
	     the publickey database has changed, and the /etc/.rootkey file  has  become  out-of-
	     date with	respect to the actual key pair stored in the publickey database. The per-
	     missions on the /etc/.rootkey file are such that it can be read and written  by  the
	     superuser but by no other user on the system.

	     If  multiple  authentication  mechanisms  are configured for the system, each of the
	     configured mechanism's secret keys is stored in the /etc/.rootkey file.

       /etc/.rootkey	superuser's secret key

       See attributes(5) for descriptions of the following attributes:

       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       |Availability		     |SUNWcsu			   |

       chkey(1),  keylogout(1),  login(1),  keyserv(1M),  newkey(1M),  nisaddcred(1M),	 nisauth-
       conf(1M), nisclient(1M), nsswitch.conf(4), publickey(4), attributes(5)

       NIS+  might  not be supported in future releases of the Solaris operating system. Tools to
       aid the migration from NIS+ to LDAP are available in the current Solaris release. For more
       information, visit http://www.sun.com/directory/nisplus/transition.html.

SunOS 5.11				    2 Dec 2005				      keylogin(1)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 02:52 PM.