The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Интерактивная система просмотра системных руководств (man-ов)

 ТемаНаборКатегория 
 
 [Cписок руководств | Печать]

wanboot_keygen (1)
  • >> wanboot_keygen (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )
  •  

    NAME

    wanboot_keygen - create and display client and server keys for WAN booting
     
    

    SYNOPSIS

    /usr/lib/inet/wanboot/keygen -c -o net=a.b.c.d ,cid=client_ID,type=3des
    

    /usr/lib/inet/wanboot/keygen -c -o net=a.b.c.d ,cid=client_ID,type=aes
    

    /usr/lib/inet/wanboot/keygen -m
    

    /usr/lib/inet/wanboot/keygen -c -o net=a.b.c.d ,cid=client_ID,type=sha1
    

    /usr/lib/inet/wanboot/keygen -d -m
    

    /usr/lib/inet/wanboot/keygen -c -o net=a.b.c.d ,cid=client_ID,type=keytype
    

     

    DESCRIPTION

    The keygen utility has three purposes:

    o Using the -c flag, to generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys.
    o Using the -m flag, to generate and store a "master" HMAC SHA-1 key for WAN install, and to derive from the master key per-client HMAC SHA-1 hashing keys, in a manner described in RFC 3118, Appendix A.
    o Using the -d flag along with either the -c or -m flag to indicate the key repository, to display a key of type specified by keytype, which must be one of 3des, aes, or sha1.

    The net and cid arguments are used to identify a specific client. Both arguments are optional. If the cid option is not provided, the key being created or displayed will have a per-network scope. If the net option is not provided, then the key will have a global scope. Default net and code values are used to derive an HMAC SHA-1 key if the values are not provided by the user.  

    OPTIONS

    The following options are supported:

    -c

    Generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys. Also generates and stores per-client HMAC SHA-1 keys. Used in conjunction with -o.

    -d

    Display a key of type specified by keytype, which must be one of 3des, aes, or sha1. Use -d with -m or with -c and -o.

    -m

    Generate and store a "master" HMAC SHA-1 key for WAN install.

    -o

    Specifies the WANboot client and/or keytype.

     

    EXAMPLES

    Example 1 Generate a Master HMAC SHA-1 Key

    # keygen -m
    

    Example 2 Generate and Then Display a Client-Specific Master HMAC SHA-1 Key

    # keygen -c -o net=172.16.174.0,cid=010003BA0E6A36,type=sha1
    # keygen -d -c -o net=172.16.174.0,cid=010003BA0E6A36,type=sha1
    

    Example 3 Generate and Display a 3DES Key with a Per-Network Scope

    # keygen -c -o net=172.16.174.0,type=3des
    # keygen -d -o net=172.16.174.0,type=3des
    

     

    EXIT STATUS

    0

    Successful operation.

    >0

    An error occurred.

     

    ATTRIBUTES

    See attributes(5) for descriptions of the following attributes:

    ATTRIBUTE TYPEATTRIBUTE VALUE

    AvailabilitySUNWwbsup

    Interface Stability

     

    SEE ALSO

    attributes(5)


     

    Index

    NAME
    SYNOPSIS
    DESCRIPTION
    OPTIONS
    EXAMPLES
    EXIT STATUS
    ATTRIBUTES
    SEE ALSO


    Поиск по тексту MAN-ов: 




    Партнёры:
    PostgresPro
    Inferno Solutions
    Hosting by Hoster.ru
    Хостинг:

    Закладки на сайте
    Проследить за страницей
    Created 1996-2024 by Maxim Chirkov
    Добавить, Поддержать, Вебмастеру