1997-05-28 17:44:22 +02:00
|
|
|
.\" @(#)keyserv.1m 1.21 93/07/14 SMI; from SVr4
|
1997-09-23 08:36:27 +02:00
|
|
|
.\"macro stdmacro
|
1997-05-28 17:44:22 +02:00
|
|
|
.\" Copyright 1989 AT&T
|
|
|
|
.\" @(#)keyserv.8c 1.8 89/03/29 SMI;
|
1999-07-12 22:12:29 +02:00
|
|
|
.\" $Id$
|
1997-05-28 17:44:22 +02:00
|
|
|
.\".TH KEYSERV 8C "9 September 1987"
|
1997-09-23 08:36:27 +02:00
|
|
|
.Dd September 14, 1992
|
|
|
|
.Dt KEYSERV 8
|
|
|
|
.Os
|
|
|
|
.Sh NAME
|
|
|
|
.Nm keyserv
|
|
|
|
.Nd server for storing private encryption keys
|
|
|
|
.Sh SYNOPSIS
|
|
|
|
.Nm keyserv
|
|
|
|
.Op Fl d
|
|
|
|
.Op Fl D
|
|
|
|
.Op Fl n
|
|
|
|
.Op Fl p Ar path
|
|
|
|
.Op Fl v
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
.Nm Keyserv
|
1997-05-28 17:44:22 +02:00
|
|
|
is a daemon that is used for storing the
|
|
|
|
private encryption keys of each
|
|
|
|
user logged into the system.
|
|
|
|
These encryption keys are used for accessing
|
|
|
|
secure network services such as secure NFS.
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pp
|
1997-05-28 17:44:22 +02:00
|
|
|
Normally, root's key is read from the file
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pa /etc/.rootkey
|
1997-05-28 17:44:22 +02:00
|
|
|
when the daemon is started.
|
|
|
|
This is useful during power-fail reboots
|
|
|
|
when no one is around to type a password.
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pp
|
1997-05-28 17:44:22 +02:00
|
|
|
If a client with no secret key calls
|
1997-09-23 08:36:27 +02:00
|
|
|
.Nm keyserv ,
|
1997-05-28 17:44:22 +02:00
|
|
|
then the key of user
|
1997-09-23 08:36:27 +02:00
|
|
|
.Em nobody
|
1997-05-28 17:44:22 +02:00
|
|
|
is used instead as the default key.
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pp
|
|
|
|
The following options are available:
|
|
|
|
.Bl -tag -width indent
|
|
|
|
.It Fl d
|
1997-05-28 17:44:22 +02:00
|
|
|
Disable the use of default keys for
|
1997-09-23 08:36:27 +02:00
|
|
|
.Em nobody .
|
|
|
|
.It Fl D
|
1997-05-28 17:44:22 +02:00
|
|
|
Run in debugging mode and log all requests to
|
1997-09-23 08:36:27 +02:00
|
|
|
.Nm keyserv .
|
|
|
|
.It Fl n
|
1997-05-28 17:44:22 +02:00
|
|
|
Root's secret key is not read from
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pa /etc/.rootkey .
|
1997-05-28 17:44:22 +02:00
|
|
|
Instead,
|
1997-09-23 08:36:27 +02:00
|
|
|
.Nm
|
1997-05-28 17:44:22 +02:00
|
|
|
prompts the user for the password to decrypt
|
|
|
|
root's key stored in the
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pa /etc/publickey
|
1997-05-28 17:44:22 +02:00
|
|
|
database and then stores the decrypted key in
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pa /etc/.rootkey
|
1997-05-28 17:44:22 +02:00
|
|
|
for future use.
|
|
|
|
This option is useful if the
|
1997-09-23 08:36:27 +02:00
|
|
|
.Pa /etc/.rootkey
|
1997-05-28 17:44:22 +02:00
|
|
|
file ever gets out of date or corrupted.
|
1997-09-23 08:36:27 +02:00
|
|
|
.It Fl p Ar path
|
|
|
|
Specify where to search for
|
|
|
|
.Pa libdes.so.3 .
|
|
|
|
Default is
|
|
|
|
.Pa /usr/lib .
|
|
|
|
.It Fl v
|
|
|
|
Display status of DES support (enabled/disabled).
|
|
|
|
.El
|
|
|
|
.Sh FILES
|
|
|
|
.Bl -tag -width /usr/lib/libdes.so.3. -compact
|
|
|
|
.It Pa /etc/.rootkey
|
|
|
|
.It Pa /usr/lib/libdes.so.3.
|
|
|
|
.El
|
|
|
|
.Sh "SEE ALSO"
|
|
|
|
.Xr keylogin 1 ,
|
|
|
|
.Xr keylogout 1 ,
|
|
|
|
.Xr publickey 5
|