[unix-history] / usr / src / local / kerberosIV / make_keypair / make_keypair.8

.\" Copyright (c) 1988, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\"	@(#)make_keypair.8	8.1 (Berkeley) %G%
.\"
.Dd 
.Dt MAKE_KEYPAIR 8
.Os
.Sh NAME
.Nm make_keypair
.Nd generate Kerberos host key pair
.Sh SYNOPSIS
.Nm make_keypair
.Ar hostname
.Op Ar hostname ...
.Sh DESCRIPTION
The
.Nm make_keypair
command
is used to create pairs of
.Tn DES
keys for
each
.Ar hostname .
The keys are used by priviledged programs such as
.Xr register 1
to make remote updates to the Kerberos database without
having to have first acquired a Kerberos ticket granting ticket
.Pq Tn TGT .
The keys created by
.Nm make_keypair
are placed (by hand) in the filesystems of the
kerberos server in
.Pa /etc/kerberosIV/register_keys ,
and in the root directory on the clients.
For example, the file
.Pa /.update.key128.32.130.3
would
contain a copy of the key on the client with
IP address 128.32.130.3.
These keys provide a shared secret which may be used to establish
a secure channel between the client hosts and the Kerberos server.
.Sh FILES
.Bl -tag -width /etc/kerberosIV/register_keysxx -compact
.It Pa /.update.keyxx.xx.xx.xx
shared
.Tn DES
key with server
.It Pa /etc/kerberosIV/register_keys
server's key storage directory
.El
.Sh SEE ALSO
.Xr register 1 ,
.Xr registerd 8 ,
.Xr kerberos 1
.Sh HISTORY
The
.Nm make_keypair
utility first appeared in 4.4BSD.
Commit	Line	Data
5772a23d EA	1	.\" Copyright (c) 1988, 1993
5772a23d EA	2	.\" The Regents of the University of California. All rights reserved.
8107e037	3	.\"
0fccfdb8	4	.\" %sccs.include.redist.man%
8107e037	5	.\"
5772a23d	6	.\" @(#)make_keypair.8 8.1 (Berkeley) %G%
0fccfdb8 CL	7	.\"
	8	.Dd
	9	.Dt MAKE_KEYPAIR 8
	10	.Os
	11	.Sh NAME
	12	.Nm make_keypair
	13	.Nd generate Kerberos host key pair
	14	.Sh SYNOPSIS
	15	.Nm make_keypair
	16	.Ar hostname
	17	.Op Ar hostname ...
	18	.Sh DESCRIPTION
8107e037	19	The
0fccfdb8	20	.Nm make_keypair
8107e037	21	command
0fccfdb8 CL	22	is used to create pairs of
	23	.Tn DES
	24	keys for
	25	each
	26	.Ar hostname .
8107e037	27	The keys are used by priviledged programs such as
0fccfdb8	28	.Xr register 1
8107e037	29	to make remote updates to the Kerberos database without
0fccfdb8 CL	30	having to have first acquired a Kerberos ticket granting ticket
0fccfdb8 CL	31	.Pq Tn TGT .
8107e037	32	The keys created by
0fccfdb8	33	.Nm make_keypair
8107e037	34	are placed (by hand) in the filesystems of the
0fccfdb8 CL	35	kerberos server in
0fccfdb8 CL	36	.Pa /etc/kerberosIV/register_keys ,
8107e037	37	and in the root directory on the clients.
0fccfdb8 CL	38	For example, the file
	39	.Pa /.update.key128.32.130.3
	40	would
8107e037 KF	41	contain a copy of the key on the client with
	42	IP address 128.32.130.3.
	43	These keys provide a shared secret which may be used to establish
	44	a secure channel between the client hosts and the Kerberos server.
0fccfdb8 CL	45	.Sh FILES
	46	.Bl -tag -width /etc/kerberosIV/register_keysxx -compact
	47	.It Pa /.update.keyxx.xx.xx.xx
	48	shared
	49	.Tn DES
	50	key with server
	51	.It Pa /etc/kerberosIV/register_keys
	52	server's key storage directory
	53	.El
	54	.Sh SEE ALSO
	55	.Xr register 1 ,
	56	.Xr registerd 8 ,
	57	.Xr kerberos 1
	58	.Sh HISTORY
	59	The
0e29eac7 EA	60	.Nm make_keypair
0e29eac7 EA	61	utility first appeared in 4.4BSD.