newkey(1M)              System Administration Commands              newkey(1M)

NAME

       newkey - create a new Diffie-Hellman key pair in the publickey database

SYNOPSIS

       newkey -h hostname [-s nisplus | nis | files | ldap]

       newkey -u username [-s nisplus | nis | files | ldap]

DESCRIPTION

       newkey establishes new public keys for users and machines on the
       network. These keys are needed when using secure RPC or secure NFS
       service.

       newkey prompts for a password for the given username or hostname and
       then creates a new public/secret 192-bit Diffie-Hellman key pair for
       the user or host. The secret key is encrypted with the given password.
       The key pair can be stored in the /etc/publickey file, the NIS
       publickey map, or the NIS+ cred.org_dir table.

       newkey consults the publickey entry in the name service switch
       configuration file (see nsswitch.conf(4)) to determine which naming
       service is used to store the secure RPC keys. If the publickey entry
       specifies a unique name service, newkey will add the key in the
       specified name service. However, if there are multiple name services
       listed, newkey cannot decide which source to update and will display
       an error message. The user is required to specify the source
       explicitly with the -s option.

       In the case of NIS, newkey should be run by the superuser on the master
       NIS server for that domain. In the case of NIS+, newkey should be run
       by the superuser on a machine which has permission to update the
       cred.org_dir table of the new user/host domain.

       In the case of NIS+, nisaddcred(1M) should be used to add new keys.
       newkey cannot be used to create keys other than 192-bit Diffie-Hellman.

       In the case of LDAP, newkey should be run by the superuser on a machine
       that also recognizes the directory manager's bind distinguished name
       (DN) and password to perform an LDAP update for the host.
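
       The publickey entry check described in DESCRIPTION can be reproduced
       before running newkey. The script below is an added example, not part
       of this manual page or of newkey itself; the function names and the
       sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the newkey man page.

# Print the sources on the publickey line of an nsswitch.conf-style file,
# one per line. Comments and [STATUS=action] criteria are ignored.
publickey_sources() {
    sed -e 's/#.*//' "$1" |
    awk -F: '$1 ~ /^[ \t]*publickey[ \t]*$/ {
        line = $2
        gsub(/\[[^]]*\]/, " ", line)
        n = split(line, src, /[ \t]+/)
        for (i = 1; i <= n; i++) if (src[i] != "") print src[i]
    }'
}

# Classify the entry the way the DESCRIPTION explains it:
#   "unique <source>"      status 0, newkey can pick the source itself
#   "ambiguous <a>,<b>"    status 1, newkey needs an explicit -s
#   "missing"              status 2, no publickey entry in the file
newkey_source_check() {
    sources=$(publickey_sources "$1")
    count=$(printf '%s\n' "$sources" | awk 'NF { n++ } END { print n + 0 }')
    case "$count" in
        0) echo "missing"; return 2 ;;
        1) echo "unique $sources"; return 0 ;;
        *) echo "ambiguous $(echo $sources | tr ' ' ',')"; return 1 ;;
    esac
}

# Constructed sample input (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed nsswitch.conf fragment
passwd:     files ldap
publickey:  nis [NOTFOUND=return] files   # two sources listed
EOF
newkey_source_check "$sample" || :   # prints: ambiguous nis,files
rm -f "$sample"
```

       On a real system the argument would be /etc/nsswitch.conf; an
       "ambiguous" result means newkey must be given -s explicitly.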

OPTIONS

       -h hostname    Create a new public/secret key pair for the privileged
                      user at the given hostname. Prompts for a password for
                      the given hostname.

       -u username    Create a new public/secret key pair for the given
                      username. Prompts for a password for the given username.

       -s nisplus     Update the database in the specified source: nisplus
       -s nis         (for NIS+), nis (for NIS), files, or ldap (LDAP). Other
       -s files       sources may be available in the future.
       -s ldap

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability                 │SUNWcsu                      │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO

       chkey(1), keylogin(1), nisaddcred(1M), nisclient(1M), nsswitch.conf(4),
       publickey(4), attributes(5)

NOTES

       NIS+ might not be supported in future releases of the Solaris operating
       system. Tools to aid the migration from NIS+ to LDAP are available in
       the current Solaris release. For more information, visit
       http://www.sun.com/directory/nisplus/transition.html.

SunOS 5.11                        13 Nov 2003                       newkey(1M)