manpages.info - online man pages   

SunOS man pages : keyserv (1) 

Maintenance Commands                                  keyserv(1M)


NAME

     keyserv - server for storing private encryption keys


SYNOPSIS

     keyserv [ -c ]  [ -d ]  [ -D ]  [ -n ]  [ -s sizespec ]


DESCRIPTION

     keyserv is a daemon that is used  for  storing  the  private
     encryption  keys  of each user logged into the system. These
     encryption keys are used for accessing secure  network  ser-
     vices such as secure NFS and NIS+.

     Normally, root's key is read  from  the  file  /etc/.rootkey
     when the daemon is started. This is useful during power-fail
     reboots when no one is around to type a password.


OPTIONS

     -c    Do not use disk caches. This option overrides  any  -s
           option.

     -d    Disable the use of default keys for nobody.

     -D    Run  in  debugging  mode  and  log  all  requests   to
           keyserv.

     -n    Root's secret key  is  not  read  from  /etc/.rootkey.
           Instead,  keyserv prompts the user for the password to
           decrypt root's key stored in  the  publickey  database
           and then stores the decrypted key in /etc/.rootkey for
           future use. This option is useful if the /etc/.rootkey
           file ever gets out of date or corrupted.

     -s sizespec
           Specify the size of the extended Diffie-Hellman common
           key  disk  caches. The sizespec can be one of the fol-
           lowing forms:

     mechtype=size
           size is an integer specifying the  maximum  number  of
           entries  in  the cache, or an integer immediately fol-
           lowed by the letter M, denoting the  maximum  size  in
           MB.

     size  This form of sizespec applies to all caches.

     See nisauthconf(1M) for mechanism types. Note that  the  des
     mechanism, AUTH_DES, does not use a disk cache.


FILES

     /etc/.rootkey

SunOS 5.8           Last change: 18 Oct 1999                    1

Maintenance Commands                                  keyserv(1M)


ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWcsu                     |
    |_____________________________|_____________________________|


SEE ALSO

     keylogin(1),  keylogout(1),  nisauthconf(1M),  publickey(4),
     attributes(5)


NOTES

     keyserv will not start up if the  system  does  not  have  a
     secure  rpc  domain  configured.  Set  up the domain name by
     using   the   /usr/bin/domainname   command.   Usually   the
     /etc/init.d/inetinit    script   reads   the   domain   from
     /etc/defaultdomain. Invoking the domainname command  without
     arguments tells you if you have a domain set up.

SunOS 5.8           Last change: 18 Oct 1999                    2