NAME
newkey — create a new Diffie-Hellman key pair in the publickey database
SYNOPSIS
newkey
-h hostname
[
-s nisplus|nis|files
]
newkey
-u username
[
-s nisplus|nis|files
]
DESCRIPTION
newkey
establishes new public keys for users and
machines on the network.
These keys are needed when using secure RPC or secure NFS service.
newkey
prompts for a password for the given
username
or
hostname
and then creates a new public/secret Diffie-Hellman 192 bit key pair
for the user or host.
The secret key is encrypted with the given password.
The key pair can be stored in the
/etc/publickey
file, the
NIS
publickey
map, or the
NIS+
cred.org_dir
table.
newkey
consults the
publickey
entry in the name service switch configuration file
(see
nsswitch.conf(4))
to determine which naming service is used to store the secure
RPC
keys.
If the
publickey
entry specifies a unique name service,
newkey
will add the key in the specified name service.
However, if there are multiple name services listed,
newkey
cannot decide which source to update and will display an error message.
The user is required to
specify the source explicitly with the
-s
option.
In the case of
NIS,
newkey
should be run by the superuser on the master
NIS
server for that domain.
In the case of
NIS+,
newkey
should be run by the superuser
on a machine which has permission to update the
cred.org_dir
table of the new user/host domain.
In the case of
NIS+,
nisaddcred(1M)
should be used to add new keys.
Options
- -h hostname
Create a new public/secret key pair for the privileged user at the given
hostname.
Prompts for a password for the given
hostname.
- -u username
Create a new public/secret key pair for the given
username.
Prompts for a password for the given
username.
- -s nisplus
- -s nis
- -s files
Update the database in the specified source:
nisplus
(for NIS+),
nis
(for NIS),
or
files.
Other sources may be available in the future.
AUTHOR
newkey
was developed by Sun Microsystems, Inc.