NAME
chkey - change user's secure RPC key pair
SYNOPSIS
chkey [ -p ] [ -s nisplus nis files ]
DESCRIPTION
chkey is used to change a user's secure RPC public key and secret key pair. chkey prompts for the old secure-rpc password and veri®es that it is correct by decrypting the secret key. If the user has not already keylogged in, chkey registers the secret key with the local keyserv(1M) daemon. If the secure-rpc password does not match the login password, chkey prompts for the login password. chkey uses the login password to encrypt the user's secret Dif®e-Hellman (192 bit) cryptographic key.
chkey ensures that the login password and the secure-rpc password are kept the same.
The key pair can be stored in the /etc/publickey ®le, (see publickey(4)), NIS publickey map or NIS+ cred.org_dir table. If a new secret key is generated, it will be registered with the local keyserv(1M) daemon.
If the source of the publickey is not speci®ed with the -soption, chkey consults the publickey entry in the name service switch con®guration ®le (see nsswitch.conf(4)). If the publickey entry speci®es one and only one source, then chkey will change the key in the speci®ed name service. However, if multiple name services are listed, chkey can not decide which source to update and will display an error message. The user should specify the source explicitly with the -soption.
Non root users are not allowed to change their key pair in the /etc/publickey ®le.
Options | |
-p | Re-encrypt the existing secret key with the user's login password. |
-s nisplus Update the NIS+ database.
-s nis Update the NIS database.
-s files Update the files database.
AUTHOR
chkey was developed by Sun Microsystems, Inc.
FILES
/etc/nsswitch.conf
/etc/publickey
SEE ALSO
keylogin(1), keylogout(1), keyserv(1M), newkey(1M), nisaddcred(1M), nsswitch.conf(4), publickey(4).
