newkey(1M)
NAME
newkey - create a new Diffie-Hellman key pair in the pub-
lickey database
SYNOPSIS
newkey -h hostname [-s nisplus | nis | files | ldap]
newkey -u username [-s nisplus | nis | files | ldap]
DESCRIPTION
newkey establishes new public keys for users and machines on
the network. These keys are needed when using secure RPC or
secure NFS service.
newkey prompts for a password for the given username or
hostname and then creates a new public/secret Diffie-Hellman
192 bit key pair for the user or host. The secret key is
encrypted with the given password. The key pair can be
stored in the /etc/publickey file, the NIS publickey map, or
the NIS+ cred.org_dir table.
newkey consults the publickey entry in the name service
switch configuration file (see nsswitch.conf(4)) to deter-
mine which naming service is used to store the secure RPC
keys. If the publickey entry specifies a unique name ser-
vice, newkey will add the key in the specified name service.
However, if there are multiple name services listed, newkey
cannot decide which source to update and will display an
error message. The user is required to specify the source
explicitly with the -s option.
In the case of NIS, newkey should be run by the superuser on
the master NIS server for that domain. In the case of NIS+,
newkey should be run by the superuser on a machine which has
permission to update the cred.org_dir table of the new
user/host domain.
In the case of NIS+, nisaddcred(1M) should be used to add
new keys. newkey cannot be used to create keys other than
192-bit Diffie-Hellman.
OPTIONS
-h hostname
Create a new public/secret key pair for the privileged
user at the given hostname. Prompts for a password for
the given hostname.
-u username
Create a new public/secret key pair for the given
username. Prompts for a password for the given user-
name.
-s nisplus
-s nis
-s files
-s ldap
Update the database in the specified source: nisplus
(for NIS+), nis (for NIS), files, or ldap (LDAP).
Other sources may be available in the future.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
SEE ALSO
chkey(1), keylogin(1), nisaddcred(1M), nisclient(1M),
nsswitch.conf(4), publickey(4), attributes(5)
NOTES
NIS+ might not be supported in future releases of the
SolarisTM Operating Environment. Tools to aid the migration
from NIS+ to LDAP are available in the Solaris 9 operating
environment. For more information, visit
http://www.sun.com/directory/nisplus/transition.html.
Man(1) output converted with
man2html