Manual page for KEYSERV(8C)
keyserv - server for storing public and private keys
SYNOPSIS
keyserv
[
-dkn
]
DESCRIPTION
keyserv
is a daemon that is used for storing the
private encryption keys of each
user logged into the system.
These encryption keys are used for accessing
secure network services such as secure
NFS.
When a user logs in to the system, the
login.1
program uses the login password to decrypt
the user's encryption key stored
in the
Network Information Service
(NIS),
and then gives the decrypted key to the
keyserv
daemon to store away.
Normally, root's key is read from the file
/etc/.rootkey
when the daemon starts up.
This is useful during power-failure reboots
when no one is around to type a password,
yet you still want the secure network services to operate normally.
OPTIONS
- -d
-
Prohibit the use of the default key.
If this is used
then every machine and user should have a publickey.
New publickeys cannot be created if you do not already have a key.
This can be done globally for an entire domain by deleting the
nobody
entry from
/etc/publickey
on the
NIS
master.
See
chkey.1
- -k
-
Remember keylogins across machine reboots.
This is only needed if
at.1
is used to schedule jobs that require secure
RPC.
Use of this option is not recommended.
- -n
-
Do not read root's key from
/etc/.rootkey.
Instead, prompt the user for the password to decrypt
root 's
key stored in the
NIS
service
and then store the decrypted key in
/etc/.rootkey
for future use.
This option is useful if the
/etc/.rootkey
file ever gets out of date or corrupted.
FILES
- /etc/.rootkey
-
/etc/keystore
SEE ALSO
login.1
keylogin.1
keylogout.1
publickey.5
NOTES
The Network Information Service
(NIS)
was formerly known as Sun Yellow Pages
(YP).
The functionality of the two remains the same;
only the name has changed.
Created by unroff & hp-tools.
© somebody (See intro for details). All Rights Reserved.
Last modified 11/5/97