NEWKEY(8) Maintenance Commands and Procedures NEWKEY(8)

NAME
newkey - create a new Diffie-Hellman key pair in the publickey database

SYNOPSIS
newkey -h hostname [-s nis | files | ldap]
newkey -u username [-s nis | files | ldap]

DESCRIPTION
newkey establishes new public keys for users and machines on the network. These keys are needed when using secure RPC or secure NFS service.

newkey prompts for a password for the given username or hostname and then creates a new public/secret Diffie-Hellman 192 bit key pair for the user or host. The secret key is encrypted with the given password. The key pair can be stored in the /etc/publickey file or the NIS publickey map.

newkey consults the publickey entry in the name service switch configuration file (see nsswitch.conf(5)) to determine which naming service is used to store the secure RPC keys. If the publickey entry specifies a unique name service, newkey will add the key in the specified name service. However, if there are multiple name services listed, newkey cannot decide which source to update and will display an error message. The user is required to specify the source explicitly with the -s option.

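The source-selection rule described above can be checked before newkey is run. The following is an added example, not part of the manual page: a shell pre-flight that reads the publickey entry from an nsswitch.conf-style file and reports whether -s is required. The function names, the exit statuses and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not part of the manual page): pre-flight check for newkey's -s option.

# Print the sources on the publickey line of an nsswitch.conf-style file ($1),
# with comments and action criteria such as [NOTFOUND=return] removed.
publickey_sources() {
    sed -e 's/#.*//' -e 's/\[[^]]*]/ /g' "$1" |
    awk -F: '$1 ~ /^[ \t]*publickey[ \t]*$/ {
        n = split($2, src, " ")
        for (i = 1; i <= n; i++) printf "%s%s", (i > 1 ? " " : ""), src[i]
        print ""
        exit
    }'
}

# Report whether newkey can pick the source itself (hypothetical helper).
#   status 0, "unique <source>"      one source listed: -s is optional
#   status 1, "ambiguous <sources>"  several listed: pass -s nis, files or ldap
#   status 2, "missing"              no usable publickey entry found
newkey_preflight() {
    sources=$(publickey_sources "$1")
    # Intentional word splitting: one positional parameter per source.
    set -- $sources
    case $# in
        0) echo "missing"; return 2 ;;
        1) echo "unique $1"; return 0 ;;
        *) echo "ambiguous $*"; return 1 ;;
    esac
}

# Constructed sample configuration, used only for demonstration.
sample_conf() {
    cat <<'EOF'
# constructed example, not a real system file
hosts:      files dns
publickey:  nis [NOTFOUND=return] files   # two sources
EOF
}

# Demo: for the sample above this prints "ambiguous nis files" and exits 1.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp) && sample_conf > "$tmp"
    newkey_preflight "$tmp"; rc=$?
    rm -f "$tmp"; exit "$rc"
fi
```
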
In the case of NIS, newkey should be run by the superuser on the master NIS server for that domain.

In the case of LDAP, newkey should be run by the superuser on a machine that also recognizes the directory manager's bind distinguished name (DN) and password to perform an LDAP update for the host.

OPTIONS
-h hostname
    Create a new public/secret key pair for the privileged user at the given hostname. Prompts for a password for the given hostname.

-u username
    Create a new public/secret key pair for the given username. Prompts for a password for the given username.

-s nis
-s files
-s ldap
    Update the database in the specified source: nis (for NIS), files, or ldap (LDAP). Other sources may be available in the future.

SEE ALSO
chkey(1), keylogin(1), nsswitch.conf(5), publickey(5), attributes(7)

February 25, 2017 NEWKEY(8)