|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
User Commands chkey(1)
NAME
chkey - change user's secure RPC key pair
SYNOPSIS
chkey [-p] [-s nisplus | nis | files | ldap] [-
m <mechanism>]
DESCRIPTION
chkey is used to change a user's secure RPC public key and
secret key pair. chkey prompts for the old secure-rpc pass-
word and verifies that it is correct by decrypting the
secret key. If the user has not already used keylogin(1) to
decrypt and store the secret key with keyserv(1M), chkey
registers the secret key with the local keyserv( 1M) daemon.
If the secure-rpc password does not match the login pass-
word, chkey prompts for the login password. chkey uses the
login password to encrypt the user's secret Diffie-Hellman
(192 bit) cryptographic key. chkey can also encrypt other
Diffie-Hellman keys for authentication mechanisms configured
using nisauthconf(1M).
chkey ensures that the login password and the secure-rpc
password(s) are kept the same, thus enabling password sha-
dowing. See shadow(4).
The key pair can be stored in the /etc/publickey file (see
publickey(4)), the NIS publickey map, or the NIS+
cred.org_dir table. If a new secret key is generated, it
will be registered with the local keyserv(1M) daemon. How-
ever, only NIS+ can store Diffie-Hellman keys other than
192-bits.
Keys for specific mechanisms can be changed or reencrypted
using the -m option followed by the authentication mechanism
name. Multiple -m options can be used to change one or more
keys. However, only mechanisms configured using
nisauthconf(1M) can be changed with chkey.
If the source of the publickey is not specified with the -s
option, chkey consults the publickey entry in the name
service switch configuration file. See nsswitch.conf(4). If
the publickey entry specifies one and only one source, then
chkey will change the key in the specified name service.
However, if multiple name services are listed, chkey can not
decide which source to update and will display an error mes-
sage. The user should specify the source explicitly with the
-s option.
Non root users are not allowed to change their key pair in
the files database.
SunOS 5.10 Last change: 29 Nov 2005 1
User Commands chkey(1)
OPTIONS
The following options are supported:
-p Re-encrypt the existing secret key
with the user's login password.
-s nisplus Update the NIS+ database.
-s nis Update the NIS database.
-s files Update the files database.
-s ldap Update the LDAP database.
-m <mechanism> Changes or re-encrypt the secret key
for the specified mechanism.
FILES
/etc/nsswitch.conf
/etc/publickey
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
SEE ALSO
keylogin(1), keylogout(1), keyserv(1M), newkey(1M),
nisaddcred(1M), nisauthconf(1M), nsswitch.conf(4), pub-
lickey(4), shadow(4), attributes(5)
SunOS 5.10 Last change: 29 Nov 2005 2
User Commands chkey(1)
NOTES
NIS+ might not be supported in future releases of the
Solaris operating system. Tools to aid the migration from
NIS+ to LDAP are available in the current Solaris release.
For more information, visit
http://www.sun.com/directory/nisplus/transition.html.
SunOS 5.10 Last change: 29 Nov 2005 3
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:24:29 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
ssh man page (4011 hits)
(Suse Linux 10.1)
CPAN man page (3936 hits)
(Suse Linux 10.1)
startproc man page (1431 hits)
(Suse Linux 10.1)
svn man page (1148 hits)
(FreeBSD 6.2)
signal man page (1069 hits)
(Suse Linux 10.1)
lwptut man page (1033 hits)
(Suse Linux 10.1)
startpar man page (808 hits)
(Suse Linux 10.1)
netcat man page (796 hits)
(Suse Linux 10.1)
Net::Config man page (740 hits)
(Suse Linux 10.1)
oowriter man page (720 hits)
(Suse Linux 10.1)
|
Man Pages 
