evfsauth.1 (2010 09)

evfsauth(1) evfsauth(1)
(EVFS Software Required)
NAME
evfsauth - manage EVFS login sessions
SYNOPSIS
evfsauth login [-c cipher] [-m keywrap]
evfsauth display
DESCRIPTION
The evfsauth command enables a user to manage his/her login session associated with HP-UX EVFS.
A login session with user/group keys ready for encrypting/decrypting files is called a secure session. With
evfsauth, users can enter into a secure session. This command can also be used to list the user/group
keys associated with the current secure session.
The evfsauth command requires the optional HP-UX Encrypted Volume and File System (EVFS) software.
Subcommands
evfsauth recognizes the following subcommands:
login Enter the user into a secure login session for managing encrypted files. This subcommand
loads the user key, the user’s primary group key (if available) and the recovery key (if available)
into the login session and thus converts it to a secure session.
If the user key doesn’t exist in the system, evfsauth creates a public/private key pair
for that user with the user account name as the key name (see evfspkey(1)). The user will
be prompted to enter a passphrase to protect the newly created private key or to retrieve
the existing private key.
After a user logs into the secure session, the /opt/evfs/bin directory will be added to
the environment variable PATH, so that some EVFS wrapper commands will be implicitly
executed instead of HP-UX commands (see evfs_wrapper(1)).
To end the secure session, simply type "exit" from the shell prompt.
display List the keys associated with the current user secure session.
Options
evfsauth recognizes the following options and parameters:
-c cipher The type of key to generate. Valid values are: rsa-1024, rsa-1536, and rsa-2048.
If the user key doesn’t exist and the cipher is not specified, the default cipher value is
extracted from the EVFS configuration file /etc/evfs/evfs.conf (set to rsa-1536
as the default). If the user already has a key pair, evfsauth login ignores this option.
-m keywrap Specify the algorithm used to encrypt/decrypt private keys when the login subcommand
creates a new key, which overrides the keywrap configuration value in
/etc/evfs/evfs.conf. If the user already has a key pair, evfsauth login ignores
this option.
RETURN VALUE
evfsauth returns one of the following values:
0 Success
<>0 Failure
ERRORS
Errors will be printed to standard error.
EXAMPLES
The following command creates a new key pair using the cipher rsa-2048 and enters into a secure login
session.
% evfsauth login -c rsa-2048
The following command lists the keys associated with the current secure login session.
% evfsauth display
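The following POSIX shell functions are an added example, not part of the HP manual page or of the EVFS software. They check a -c value against the documented list and confirm that /opt/evfs/bin is searched before the system command directory in PATH, so the EVFS wrappers really are the commands that run. SYS_BIN=/usr/bin, the 1536-bit minimum, the function names and the sample PATH strings are assumptions.

```shell
#!/bin/sh
# Added example, not HP code. Pure string checks; nothing here invokes evfsauth.
EVFS_BIN=/opt/evfs/bin   # wrapper directory named in the man page
SYS_BIN=/usr/bin         # assumption: directory of the shadowed HP-UX commands

# path_index DIR PATHSTRING: print 1-based position of DIR, or 0 if absent
path_index() {
    _dir=$1 _i=0 _old_ifs=$IFS
    IFS=:; set -f                      # split on ':' without globbing
    for _entry in $2; do
        _i=$((_i + 1))
        if [ "${_entry%/}" = "$_dir" ]; then   # tolerate a trailing slash
            IFS=$_old_ifs; set +f; echo "$_i"; return 0
        fi
    done
    IFS=$_old_ifs; set +f; echo 0
}

# wrappers_shadow_system PATHSTRING: succeed only if EVFS_BIN is in the path
# and is searched before SYS_BIN (or SYS_BIN is absent from the path)
wrappers_shadow_system() {
    _e=$(path_index "$EVFS_BIN" "$1")
    _s=$(path_index "$SYS_BIN" "$1")
    [ "$_e" -gt 0 ] || return 1
    [ "$_s" -eq 0 ] || [ "$_e" -lt "$_s" ]
}

# valid_cipher NAME [MIN_BITS]: succeed if NAME is a documented -c value and
# its key size is at least MIN_BITS (local policy; 1536 is an assumed floor)
valid_cipher() {
    case $1 in
        rsa-1024|rsa-1536|rsa-2048) ;;
        *) return 1 ;;
    esac
    [ "${1#rsa-}" -ge "${2:-1536}" ]
}

# Constructed sample PATH values (not captured from a real system)
for p in "/opt/evfs/bin:/usr/bin:/usr/sbin" "/usr/bin:/usr/sbin" \
         "/usr/bin:/opt/evfs/bin/"; do
    if wrappers_shadow_system "$p"; then
        echo "wrappers searched first: $p"
    else
        echo "wrappers NOT searched first: $p"
    fi
done
```

Inside a real session, call wrappers_shadow_system "$PATH" before handling encrypted files, and valid_cipher before passing a value to evfsauth login -c.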
HP-UX 11i Version 3: September 2010 Hewlett-Packard Company
