[ Bottom of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]

Commands Reference, Volume 3

keyserv Daemon

Purpose

Stores public and private keys.

Syntax

/usr/sbin/keyserv [ -n ]

Description

The keyserv daemon stores the private encryption keys of each user logged into the system. When a user types in a password during a keylogin, the secret key is decrypted. The decrypted key is then stored by the keyserv daemon. These decrypted keys enable the user to access secure network services such as secure Network File System (NFS).

When the keyserv daemon starts, it reads the key for the root directory from the /etc/.rootkey file. This daemon keeps the secure network services operating normally. For instance, after a power failure, when the system restarts itself, it gets the key for the root directory from the /etc/.rootkey file.

Flags

-n Prevents the keyserv daemon from reading the key for the root directory from the /etc/.rootkey file. Instead, the keyserv daemon prompts the user for the password to decrypt the root directory's key stored in the network information service map and then stores the decrypted key in the /etc/.rootkey file for future use. This option is useful if the /etc/.rootkey file ever goes out of date or is corrupted.

Examples

  1. To start the keyserv daemon enabling the system to get the key for the root directory from the /etc/.rootkey file, enter:

    /usr/sbin/keyserv 
  2. A System Resource Controller (SRC) command can also enable the system to get the key for the root directory from the /etc/.rootkey file as follows:

    startsrc -s keyserv 

    This command sequence starts a script that contains the keyserv daemon.

  3. To prevent the keyserv daemon from reading the key for the root directory from the /etc/rootkey file, enter:

    chssys -s keyserv -a '-n'

    This command passes the -n argument to the keyserv daemon if SRC is used to start the daemon.

Files

/etc/.rootkey Stores the encrypted key for the root directory.

Related Information

The chssys command, keyenvoy command, startsrc command.

How to Export a File System Using Secure NFS, How to Mount a File System Using Secure NFS in AIX 5L Version 5.2 Security Guide.

Network File System (NFS) Overview for System Management in AIX 5L Version 5.2 System Management Guide: Operating System and Devices.

Network Information Services (NIS) Overview for System Management in AIX 5L Version 5.2 Network Information Services (NIS and NIS+) Guide.

NIS Reference.

System Resource Controller Overview in AIX 5L Version 5.2 System Management Concepts: Operating System and Devices.

[ Top of Page | Previous Page | Next Page | Contents | Index | Library Home | Legal | Search ]