HP-UX Reference (11i v1 05/09) - 1 User Commands A-M (vol 1)
c
chkey(1) chkey(1)
NAME
chkey - change user’s secure RPC key pair
SYNOPSIS
chkey [ -p ][-s nisplus
| nis | files ]
DESCRIPTION
chkey is used to change a user’s secure RPC public key and secret key pair.
chkey prompts for the old
secure-rpc password and verifies that it is correct by decrypting the secret key. If the user has not already
keylogged in,
chkey registers the secret key with the local keyserv(1M) daemon. If the secure-rpc pass-
word does not match the login password,
chkey
prompts for the login password. chkey uses the login
password to encrypt the user’s secret Diffie-Hellman (192 bit) cryptographic key.
chkey ensures that the login password and the secure-rpc password are kept the same.
The key pair can be stored in the
/etc/publickey file, (see publickey(4)), NIS
publickey map or
NIS+
cred.org_dir table. If a new secret key is generated, it will be registered with the local
keyserv(1M) daemon.
If the source of the publickey is not specified with the -s option, chkey
consults the publickey
entry in the name service switch configuration file (see nsswitch.conf(4)). If the
publickey entry
specifies one and only one source, then
chkey will change the key in the specified name service. However,
if multiple name services are listed, chkey can not decide which source to update and will display an error
message. The user should specify the source explicitly with the -s option.
Non root users are not allowed to change their key pair in the /etc/publickey
file.
Options
-p Re-encrypt the existing secret key with the user’s login password.
-s nisplus Update the NIS+ database.
-s nis Update the NIS database.
-s files Update the files database.
AUTHOR
chkey was developed by Sun Microsystems, Inc.
FILES
/etc/nsswitch.conf
/etc/publickey
SEE ALSO
keylogin(1), keylogout(1), keyserv(1M), newkey(1M), nisaddcred(1M), nsswitch.conf(4), publickey(4).
HP-UX 11i Version 1: September 2005 − 1 − Hewlett-Packard Company Section 1−−83