chkey.1 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

chkey(1) chkey(1)

NAME

chkey - change user’s secure RPC key pair

SYNOPSIS

chkey [ -p ][-s nis

| files | ldap ]

DESCRIPTION

chkey is used to change a user’s secure RPC public key and secret key pair.

chkey prompts for the old

secure-rpc password and veriﬁes that it is correct by decrypting the secret key.

If the user has not already used

keylogin to decrypt and store the secret key with keyserv, chkey

registers the secret key with the local

keyserv daemon. If the secure-rpc password does not match the

chkey prompts for the login password.

chkey uses the login password to encrypt the

user’s secret Difﬁe-Hellman (192 bit) cryptographic key.

chkey ensures that the login password and the secure-rpc password are kept the same.

The key pair can be stored in the

/etc/publickey ﬁle (see publickey (4)), the NIS

publickey map,

user entries in the LDAP directory. If a new secret key is generated, it will be registered with the

local keyserv daemon.

If the source of the

publickey is not speciﬁed with the

-s option, chkey consults the publickey

entry in the name service switch conﬁguration ﬁle (see nsswitch.conf(4)). If the

publickey entry

speciﬁes one and only one source, then

chkey will change the key in the speciﬁed name service. How-

ever, if multiple name services are listed, chkey cannot decide which source to update and will display

an error message. The user should specify the source explicitly with the -s option.

Non root users are not allowed to change their key pair in the

/etc/publickey

ﬁle.

Options

-p Re-encrypt the existing secret key with the user’s login password.

-s nis Update the NIS database.

-s files Update the files database.

-s ldap Update the LDAP database.

WARNINGS

HP-UX 11i Version 2 is the last HP-UX release on which NIS+ is supported. LDAP is the recommended

replacement for NIS+. HP fully supports the industry standard naming services based on LDAP.

AUTHOR

chkey was developed by Sun Microsystems, Inc.

FILES

/etc/nsswitch.conf

/etc/publickey

Summary of content (2 pages)

PAGE 1
chkey(1) chkey(1) NAME chkey - change user’s secure RPC key pair SYNOPSIS chkey [ -p ] [ -s nis | files | ldap ] DESCRIPTION chkey is used to change a user’s secure RPC public key and secret key pair. chkey prompts for the old secure-rpc password and verifies that it is correct by decrypting the secret key. If the user has not already used keylogin to decrypt and store the secret key with keyserv, chkey registers the secret key with the local keyserv daemon.
PAGE 2
(Notes) A (Notes) cA 2 Hewlett-Packard Company −1− HP-UX 11i Version 3: September 2010