Mercurial > illumos > illumos-gate

view usr/src/man/man1m/ickey.1m @ 13659:57451298f940

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
1469 ttyc/ttyd should be an allowed console device Reviewed by: Milan Jurik <milan.jurik@xylab.cz> Reviewed by: Alexander Eremin <alexander.r.eremin@gmail.com> Approved by: Richard Lowe <richlowe@richlowe.net>
author Gary Mills <gary_mills@fastmail.fm>
date Thu, 05 Apr 2012 08:47:21 -0500
parents 5b2854ecc12d
children
line wrap: on
line source

'\" te
.\" Copyright (c) 2003, Sun Microsystems, Inc. All Rights Reserved
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
.TH ICKEY 1M "May 7, 2003"
.SH NAME
ickey \- install a client key for WAN boot
.SH SYNOPSIS
.LP
.nf
\fB/usr/lib/inet/wanboot/ickey\fR [\fB-d\fR] [\fB-o\fR type=3des]
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/ickey\fR [\fB-d\fR] [\fB-o\fR type=aes]
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/ickey\fR [\fB-d\fR] [\fB-o\fR type=sha1]
.fi

.SH DESCRIPTION
.sp
.LP
The \fBickey\fR command is used to install WAN boot keys on a running UNIX
system so that they can be used the next time the system is installed. You can
store three different types of keys: 3DES and AES for encryption and an HMAC
SHA-1 key for hashed verification.
.sp
.LP
\fBickey\fR reads the key from standard input using \fBgetpassphrase\fR(3C) so
that it does not appear on the command line. When installing keys on a remote
system, you must take proper precautions to ensure that any keying materials
are kept confidential. At a minimum, use \fBssh\fR(1) to prevent interception
of data in transit.
.sp
.LP
Keys are expected to be presented as strings of hexadecimal digits; they can
(but need not) be preceeded by a \fB0x\fR or \fB0X\fR.
.sp
.LP
The \fBickey\fR command has a single option, described below. An argument of
the type \fB-o\fR\ \fBtype=\fR\fIkeytype\fR is required.
.SH OPTIONS
.sp
.LP
The \fBickey\fR command the following option.
.sp
.ne 2
.na
\fB\fB-d\fR\fR
.ad
.RS 6n
Delete the key specified by the \fIkeytype\fR argument.
.RE

.SH EXIT STATUS
.sp
.LP
On success, \fBickey\fR exits with status 0; if a problem occurs, a diagnostic
message is printed and \fBickey\fR exits with non-zero status.
.SH FILES
.sp
.ne 2
.na
\fB\fB/dev/openprom\fR\fR
.ad
.RS 17n
WAN boot key storage driver
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp

.sp
.TS
box;
c | c
l | l .
ATTRIBUTE TYPE	ATTRIBUTE VALUE
_
Interface Stability	Unstable
.TE

.SH SEE ALSO
.sp
.LP
\fBssh\fR(1), \fBopenprom\fR(7D),  \fBattributes\fR(5)