keyserv man page on SmartOS

Man page or keyword search:  
man Server   16655 pages
apropos Keyword Search (all sections)
Output format
SmartOS logo
[printable version]

KEYSERV(1M)							   KEYSERV(1M)

NAME
       keyserv - server for storing private encryption keys

SYNOPSIS
       keyserv [-c] [-d | -e] [-D] [-n] [-s sizespec]

DESCRIPTION
       keyserv	is  a  daemon  that is used for storing the private encryption
       keys of each user logged into the system.  These	 encryption  keys  are
       used for accessing secure network services such as secure NFS and NIS+.

       Normally,  root's key is read from the file /etc/.rootkey when the dae‐
       mon is started. This is useful during power-fail reboots when no one is
       around to type a password.

       keyserv	does  not  start  up  if the system does not have a secure rpc
       domain configured. Set up the domain name by using the /usr/bin/domain‐
       name command. Usually the svc:/system/identity:domain service reads the
       domain from /etc/defaultdomain. Invoking the domainname command without
       arguments tells you if you have a domain set up.

       The  /etc/default/keyserv file contains the following default parameter
       settings. See .

       ENABLE_NOBODY_KEYS
			     Specifies whether default	keys  for  nobody  are
			     used.  ENABLE_NOBODY_KEYS=NO is equivalent to the
			     -d command-line option.  The  default  value  for
			     ENABLE_NOBODY_KEYS is YES.

OPTIONS
       The following options are supported:

       -c
		      Do  not  use  disk  caches. This option overrides any -s
		      option.

       -D
		      Run in debugging mode and log all requests to keyserv.

       -d
		      Disable the use of default keys for nobody. See .

       -e
		      Enable the use of default keys for nobody. This  is  the
		      default behavior.	 See .

       -n
		      Root's  secret  key  is  not  read  from	/etc/.rootkey.
		      Instead, keyserv prompts the user for  the  password  to
		      decrypt  root's key stored in the publickey database and
		      then stores  the	decrypted  key	in  /etc/.rootkey  for
		      future  use.  This option is useful if the /etc/.rootkey
		      file ever gets out of date or corrupted.

       -s sizespec
		      Specify the size of the extended	Diffie-Hellman	common
		      key  disk caches. The sizespec can be one of the follow‐
		      ing forms:

		      mechtype=size
				       size is an integer specifying the maxi‐
				       mum  number of entries in the cache, or
				       an integer immediately followed by  the
				       letter  M, denoting the maximum size in
				       MB.

		      size
				       This form of sizespec  applies  to  all
				       caches.

		      See  nisauthconf(1M)  for mechanism types. Note that the
		      des mechanism, AUTH_DES, does not use a disk cache.

FILES
       /etc/.rootkey

       /etc/default/keyserv
			       Contains default settings. You can use command-
			       line options to override these settings.

SEE ALSO
       keylogin(1),  svcs(1),  keylogout(1), nisauthconf(1M), svcadm(1M), pub‐
       lickey(4), attributes(5), smf(5)

       http://www.sun.com/directory/nisplus/transition.html

NOTES
       NIS+ might not be supported in future releases of the Solaris operating
       system.	 Tools to aid the migration from NIS+ to LDAP are available in
       the   current   Solaris	 release.   For	  more	 information,	 visit
       http://www.sun.com/directory/nisplus/transition.html.

       The  keyserv  service  is  managed  by the service management facility,
       smf(5), under the service identifier:

	 svc:/network/rpc/keyserv:default

       Administrative actions on this service, such as enabling, disabling, or
       requesting  restart,  can  be performed using svcadm(1M). The service's
       status can be queried using the svcs(1) command.

				  Jan 4, 2002			   KEYSERV(1M)
[top]

List of man pages available for SmartOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net