Manualshelf

HP-UX Reference (11i v3 07/02) - 1M System Administration Commands A-M (vol 3)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals
401402403404405406407408409410
k
keyserv(1M) keyserv(1M)
NAME
keyserv - server for storing private encryption keys
SYNOPSIS
keyserv [ -d | -e ][
-D ][ -n ]
DESCRIPTION
keyserv is a daemon that is used for storing the private encryption keys of each user logged into the sys-
tem. These encryption keys are used for accessing secure network services such as secure NFS.
Normally, root’s key is read from the file
/etc/.rootkey when the daemon is started. This is useful
during power-fail reboots when no one is around to type a password.
keyserv will not start up if the system does not have a secure RPC domain configured. The domain
name can be set up by using the
/usr/bin/domainname
command. Invoking the domainname com-
mand without arguments will display whether the user has a domain set up.
The
/etc/default/keyserv
file contains the following default parameter settings.
ENABLE_NOBODY_KEYS
Specifies whether default keys for nobody are used.
The default value is
ENABLE_NOBODY_KEYS=YES
.
ENABLE_NOBODY_KEYS=NO
is equivalent to the -d command-line option.
Options
-d Disable the use of default keys for nobody.
-e Enable the use of default keys for nobody. This is the default behavior.
-D Run in debugging mode and log all requests to keyserv to /var/nfs/keyserv.log
.
-n Root’s secret key is not read from /etc/.rootkey
. Instead, keyserv prompts the user for the
password to decrypt root’s key stored in the
publickey database and then stores the decrypted key
in /etc/.rootkey for future use.
This option is useful if the
/etc/.rootkey
file ever gets out-of-date or corrupted.
WARNINGS
HP-UX 11i Version 2 is the last HP-UX release on which NIS+ is supported. LDAP is the recommended
replacement for NIS+. HP fully supports the industry standard naming services based on LDAP.
AUTHOR
keyserv was developed by Sun Microsystems, Inc.
FILES
/etc/.rootkey Contains root’s key.
/etc/default/keyserv
Contains default settings. You can use command-line options to override
these settings.
/var/nfs/keyserv.log Log file
SEE ALSO
keylogin(1), keylogout(1), publickey(4).
LDAP-UX Client Services Administrator’s Guide
LDAP-UX Client Services Release Notes
HP-UX 11i Version 3: February 2007 1 Hewlett-Packard Company 403