go to
> pam_rsa(8)
Homepage > Man Pages > Category > Maintenance Commands
Homepage > Man Pages > Name > P

pamrsakp

man page of pamrsakp

pamrsakp: generate keypairs for pam_rsa PAM-authentication module

NAME
pamrsakp - generate keypairs for pam_rsa PAM-authentication module

SYNOPSIS

pamrsakp user hostname pubdir privdir hashtype usepassphrase

DESCRIPTION

The pamrsakp is a utility script for creating RSA keypairs that can be used with the pam_rsa PAM-authentication module.

ARGUMENTS

All six arguments are required. * user User for whom the RSA keypair is created. * hostname Target hostname for which the RSA keypair is created. The generated public key (which is actually contained within an X509 PEM-format certificate) is meant to be stored on the target host. * pubdir Directory into which pamrsakp should output the generated RSA public key * privdir Directory into which pamrsakp should create a subdirectory based on a SHA1 hashed hostname. Depending on the value of hashtype, pamrsakp creates the RSA private key in the subdirectory either with a SHA1 hashed name, or with a name that is not hashed. NOTE: NEVER EVER LOSE YOUR PRIVATE KEY. * hashtype Specify sha1 to generate RSA private key with its filename SHA1 hashed or specify none for no hashing. * usepassphrase Specify yes to protect your RSA private key with passphrase-based encryption. THIS IS RECOMMENDED UNLESS YOU ARE SURE OF WHAT YOU ARE DOING. You will be prompted for a passphrase and the passphrase will be read from standard input. Specify no for an unencrypted RSA private key. Use with caution.

EXAMPLES

Issuing a command: pamrsakp spock startrek.example.com /safedir/pub /safedir/priv sha1 yes creates an RSA keypair for user spock. The public key is to be stored on host startrek.example.com. User spock would presumably use a USB memory stick (or other portable media) to store the corresponding RSA private key. Private key's filename is based on a SHA1 hash, and the private key itself is encrypted with a passphrase.
FILES
/etc/security/pamrsakp.cnf pamrsakp's OpenSSL defaults
NOTES
This script requires bash and will probably explode if any other shell is used

SEE ALSO

pam_rsa(8)

AUTHOR

Vesa-Matti Kari email: pamrsa-bugs@laamanaama.helsinki.fi PAMRSAKP(8)
 
 
 

Copyright © 2011–2018 by topics-of-interest.com . All rights reserved. Hosted by all-inkl.
Contact · Imprint · Privacy

Page generated in 42.15ms.

Ermitteln Sie Ihre IP-Adresse schnell und einfach | dfptutorial.com | www.daelim-wiki.de