Chkey

On SunOS, the chkey command changes a user's secure RPC key pair.

Description

The chkey command changes a user's secure RPC public key and secret key pair. chkey prompts for the old secure-rpc password and verifies that it is correct by decrypting the secret key. If the user has not already used keylogin to decrypt and store the secret key with keyserv, chkey registers the secret key with the local keyserv daemon. If the secure-rpc password does not match the login password, chkey prompts for the login password. chkey then uses the login password to encrypt the user's secret Diffie-Hellman (192 bit) cryptographic key. chkey can also encrypt other Diffie-Hellman keys for authentication mechanisms configured using nisauthconf.

chkey ensures that the login password and the secure-rpc password (or passwords) are kept the same, thus enabling password shadowing.

The key pair can be stored in the /etc/publickey file, the NIS publickey map, or the NIS+ cred.org_dir table. If a new secret key is generated, it will be registered with the local keyserv daemon. However, only NIS+ can store Diffie-Hellman keys other than 192-bits.

Keys for specific mechanisms can be changed or reencrypted using the -m option followed by the authentication mechanism name. Multiple -m options can be used to change one or more keys. However, only mechanisms configured using nisauthconf can be changed with chkey.

If the source of the publickey is not specified with the -s option, chkey consults the publickey entry in the name service switch configuration file (nsswitch.conf). If the publickey entry specifies one and only one source, then chkey will change the key in the specified name service. However, if multiple name services are listed, chkey can not decide which source to update and displays an error message. The user should specify the source explicitly with the -s option.

Non-root users are not allowed to change their key pair in the files database.

Syntax

chkey -p -s nisplus | nis | files | ldap -m
Options
-p

Re-encrypt the existing secret key with

the user's login password.

-s nisplus

Update the NIS+ database.

-s nis

Update the NIS database.

-s ldap

Update the LDAP database.

-s files

Update the files database.

-m

Changes or re-encrypts the secret key for the specified mechanism.

Related commands

keylogin — Decrypt a user's secret key on SunOS.

What is an Operating System? » Computer Shortcut Keys and their Functions » Keyboard Function Keys » Computer Basics - Hardware - Software - Parts

Short Stories for Kids - Moral Stories – English Short Stories for Children - Moral Stories for Kids - Stories for Kids - Funny Story for Kids - Scary Stories for Kids - Really Funny Short Stories - Bedtime Stories
Proverb Stories
Powerful Motivational Quotes for Students » Success Quotes » English Short Stories for Kids

Cabin Crew Jobs & Career Advice » Secretary Job Description » Receptionist Job Description » Top 100 Interview Questions and Answers » How to Prepare for an Interview » How to Write a CV » How to Choose a Career » Computer Shortcut Keys and their Functions

Click here to post comments

Join in and write your own page! It's easy to do. How? Simply click here to return to Computer Basics FAQ.

Army Jobs - Navy Jobs - Military Jobs

Scholarship 2024/25

Current Scholarships 2024/2025 - Fully Funded

Full Undergraduate Scholarships 2024/2025

Fully Funded Masters Scholarships 2024/25

PhD Scholarships for International Students - Fully Funded!

Funding Opportunities for Journalists 2024/2025

Funding for NGOs 2024/2025

Funding for Artists 2024/2025

Funding for Entrepreneurs 2024/2025

✅Over 4500 Current Fully Funded Scholarships for International Students

✅ Undergraduate Scholarships 2024

✅ Masters Scholarships 2024

✅ PhD Scholarships 2024 Click Here!

Free Scholarship Newsletter --- E-mail Address

First Name

Then Don't worry — your e-mail address is totally secure. I promise to use it only to send you Advance Africa Newsletter.