Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

keylogout(1) [opensolaris man page]

keylogout(1)							   User Commands						      keylogout(1)

NAME
keylogout - delete stored secret key with keyserv SYNOPSIS
/usr/bin/keylogout [-f] DESCRIPTION
keylogout deletes the key stored by the key server process keyserv(1M). Further access to the key is revoked; however, current session keys might remain valid until they expire or are refreshed. Deleting the keys stored by keyserv causes any background jobs or scheduled at(1) jobs that need secure RPC services to fail. Since only one copy of the key is kept on a machine, it is a bad idea to place a call to this command in your .logout file since it affects other sessions on the same machine. If multiple NIS+ authentication mechanisms are configured for the system, then all keys stored by the key server process is deleted, including keys that are no longer configured. OPTIONS
The following options are supported: -f Force keylogout to delete the secret key for the superuser. By default, keylogout by the superuser is disallowed because it would break all RPC services, such as NFS, that are started by the superuser. ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------------------------------------+ | ATTRIBUTE TYPE ATTRIBUTE VALUE | |Availability SUNWcsu | +-----------------------------------------------------------+ SEE ALSO
at(1), chkey(1), login(1), keylogin(1), keyserv(1M), newkey(1M), nisauthconf(1M), publickey(4), attributes(5) NOTES
NIS+ might not be supported in future releases of the Solaris operating system. Tools to aid the migration from NIS+ to LDAP are available in the current Solaris release. For more information, visit http://www.sun.com/directory/nisplus/transition.html. SunOS 5.11 2 Dec 2005 keylogout(1)

Check Out this Related Man Page

keylogin(1)                                                        User Commands                                                       keylogin(1)

NAME
keylogin - decrypt and store secret key with keyserv SYNOPSIS
/usr/bin/keylogin [-r] DESCRIPTION
The keylogin command prompts for a password, and uses it to decrypt the user's secret key. The key may be found in the /etc/publickey file (see publickey(4)) or the NIS map ``publickey.byname'' or the NIS+ table ``cred.org_dir'' in the user's home domain. The sources and their lookup order are specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). Once decrypted, the user's secret key is stored by the local key server process, keyserv(1M). This stored key is used when issuing requests to any secure RPC services, such as NFS or NIS+. The program keylogout(1) can be used to delete the key stored by keyserv . keylogin will fail if it cannot get the caller's key, or the password given is incorrect. For a new user or host, a new key can be added using newkey(1M), nisaddcred(1M), or nisclient(1M). If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret key will be decrypted and stored by keyserv(1M). See nisauthconf(1M) for information on configuring multiple authentication mechanisms. OPTIONS
-r Update the /etc/.rootkey file. This file holds the unencrypted secret key of the superuser. Only the superuser may use this option. It is used so that processes running as superuser can issue authenticated requests without requiring that the administra- tor explicitly run keylogin as superuser at system startup time. See keyserv(1M). The -r option should be used by the administra- tor when the host's entry in the publickey database has changed, and the /etc/.rootkey file has become out-of-date with respect to the actual key pair stored in the publickey database. The permissions on the /etc/.rootkey file are such that it may be read and written by the superuser but by no other user on the system. If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret keys will be stored in the /etc/.rootkey file. FILES
/etc/.rootkey superuser's secret key ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsu | +-----------------------------+-----------------------------+ SEE ALSO
chkey(1), keylogout(1), login(1), keyserv(1M), newkey(1M), nisaddcred(1M), nisauthconf(1M), nisclient(1M), nsswitch.conf(4), publickey(4), attributes(5) NOTES
NIS+ might not be supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from NIS+ to LDAP are available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html. SunOS 5.10 10 Dec 2001 keylogin(1)
Man Page