Mercurial > illumos > illumos-gate

view usr/src/man/man1m/sckmd.1m @ 13659:57451298f940

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
1469 ttyc/ttyd should be an allowed console device Reviewed by: Milan Jurik <milan.jurik@xylab.cz> Reviewed by: Alexander Eremin <alexander.r.eremin@gmail.com> Approved by: Richard Lowe <richlowe@richlowe.net>
author Gary Mills <gary_mills@fastmail.fm>
date Thu, 05 Apr 2012 08:47:21 -0500
parents 5b2854ecc12d
children
line wrap: on
line source

'\" te
.\" Copyright (c) 2005, Sun Microsystems, Inc. All Rights Reserved.
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
.\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
.TH SCKMD 1M "Apr 25, 2006"
.SH NAME
sckmd \- Sun cryptographic key management daemon
.SH SYNOPSIS
.LP
.nf
\fB/usr/platform/sun4u/lib/sckmd\fR
.fi

.SH DESCRIPTION
.sp
.LP
\fBsckmd\fR is a server process that resides on a high-end system domain to
maintain the Internet Protocol Security (\fBIPsec\fR) Security Associations
(\fBSAs\fR) needed to secure communications between a Service Processor or
System Controller (SC) and platform management software running within a
domain. The \fBcvcd\fR(1M) and \fBdcs\fR(1M) daemons use these Security
Associations. See \fBipsec\fR(7P) for a description of Security Associations.
.sp
.LP
The \fBsckmd\fR daemon receives \fBSA\fRs from the Service Processor or
\fBSC\fR and installs these \fBSA\fRs in a domain's Security Association
Database (\fBSADB\fR) using \fBpf_key\fR(7P).
.sp
.LP
\fBsckmd\fR starts up at system boot time as an \fBSMF\fR service. The
\fBFMRI\fR for the \fBsckmd\fR service is:
.sp
.in +2
.nf
svc:/platform/sun4u/sckmd:default
.fi
.in -2
.sp

.sp
.LP
A domain supports only one running \fBsckmd\fR process at a time.
.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp

.sp
.TS
box;
c | c
l | l .
ATTRIBUTE TYPE	ATTRIBUTE VALUE
_
Interface Stability	Evolving
.TE

.SH SEE ALSO
.sp
.LP
\fBcvcd\fR(1M), \fBdcs\fR(1M), \fBipsecconf\fR(1M), \fBipsecalgs\fR(1M),
\fBattributes\fR(5), \fBipsec\fR(7P), \fBipsecah\fR(7P), \fBipsecesp\fR(7P),
\fBpf_key\fR(7P)
.SH NOTES
.sp
.LP
The \fBsckmd\fR service is used only on Sun Fire high-end systems and the
\fBSPARC\fR Enterprise Server family. It provides a mechanism for exchanging
\fBIPsec\fR keys between a domain and its System Controller (\fBSC\fR) or
Service Processor. These platforms use \fBIPsec\fR to secure the communications
between the \fBSC\fR or Service Processor and certain platform-specific daemons
in the domain. Such daemons currently include \fBcvcd\fR(1M) and \fBdcs\fR(1M).
.sp
.LP
The documentation for each platform that supports \fBsckmd\fR describes how to
configure its use of \fBIPsec\fR for such communications. Also, the
documentation for each specific application describes how to configure its
security policies and \fBIPsec\fR options in a manner appropriate for the
target platform. Refer to the platform- and application-specific documentation
for detailed information.