NFS Services Administrator's Guide
Configuring and Administering NIS
Configuring and Administering Secure RPC (if NIS+ is not used)
Chapter 4192
To Have Users Create their Secure RPC Keys
1. In the /etc/publickey file on the NIS master server, make sure the
entry for user nobody exists and is not commented out (is not
preceded by #).
2. Tell each user in your NIS domain to issue the chkey command:
/usr/bin/chkey
At the Password prompt, the user should enter his or her login
password.
The chkey command displays a message saying it is generating a key for
unix.UID@NIS_domain. This string identifies the user in the
publickey.byname NIS map. UID is the user ID of the user for whom the
key is being generated, and NIS_domain is the default NIS domain,
returned by the domainname command.
The secure RPC key is encrypted with the user’s login password. The
/usr/bin/yppasswd command reencrypts the secure RPC key with the
new password whenever a user changes the login password.
In order for users to create keys for themselves with the chkey
command, the publickey.byname map must have an entry for user
nobody. If you remove the entry for user nobody, users can change their
secure RPC keys with the chkey command, but they cannot create keys if
they do not already have them.
For more information, see the following man pages: publickey(4),
chkey(1), and yppasswd(1).