MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


User Commands                                         keylogin(1)



NAME
     keylogin - decrypt and store secret key with keyserv

SYNOPSIS
     /usr/bin/keylogin [-r]


DESCRIPTION
     The keylogin command prompts for a password, and uses it  to
     decrypt  the  user's secret key. The key can be found in the
     /etc/publickey file  (see  publickey(4))  or  the   NIS  map
     ``publickey.byname''  or the  NIS] table ``cred.orgdir'' in
     the user's home domain. The sources and their  lookup  order
     are   specified   in   the   /etc/nsswitch.conf   file.  See
     nsswitch.conf(4). Once decrypted, the user's secret  key  is
     stored  by  the  local key server process, keyserv(1M). This
     stored key is used when issuing requests to any  secure  RPC
     services,  such as NFS or NIS]. The program keylogout(1) can
     be used to delete the key stored by keyserv .


     keylogin fails if it cannot get the  caller's  key,  or  the
     password  given  is incorrect. For a new user or host, a new
     key can  be  added  using   newkey(1M),  nisaddcred(1M),  or
     nisclient(1M).


     If multiple authentication mechanisms are configured for the
     system,  each  of  the  configured mechanism's secret key is
     decrypted and stored by   keyserv(1M).  See  nisauthconf(1M)
     for   information  on  configuring  multiple  authentication
     mechanisms.

OPTIONS
     The following options are supported:

     -r    Update the /etc/.rootkey file.  This  file  holds  the
           unencrypted  secret  key  of  the  superuser. Only the
           superuser can use this option.  It  is  used  so  that
           processes running as superuser can issue authenticated
           requests  without  requiring  that  the  administrator
           explicitly run keylogin as superuser at system startup
           time. See keyserv(1M). The -r option should be used by
           the  administrator  when  the host's entry in the pub-
           lickey database has  changed,  and  the  /etc/.rootkey
           file  has  become  out-of-date  with   respect  to the
           actual key pair stored in the publickey database.  The
           permissions on the /etc/.rootkey file are such that it
           can be read and written by the  superuser  but  by  no
           other user on the system.

           If multiple authentication mechanisms  are  configured



SunOS 5.11           Last change: 2 Dec 2005                    1






User Commands                                         keylogin(1)



           for  the  system,  each  of the configured mechanism's
           secret keys is stored in the /etc/.rootkey file.


FILES
     /etc/.rootkey    superuser's secret key


ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     Availability                 SUNWcsu                     
    


SEE ALSO
     chkey(1), keylogout(1), login(1),  keyserv(1M),  newkey(1M),
     nisaddcred(1M),        nisauthconf(1M),       nisclient(1M),
     nsswitch.conf(4), publickey(4), attributes(5)

NOTES
     NIS] might not  be  supported  in  future  releases  of  the
     Solaris  operating  system.  Tools to aid the migration from
     NIS] to LDAP are available in the current  Solaris  release.
     For            more            information,            visit
     http:/www.sun.com/directory/nisplus/transition.html.























SunOS 5.11           Last change: 2 Dec 2005                    2
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™