key_gendes man page on HP-UX

Printed from http://www.polarhome.com/service/man/?qf=key_gendes&af=0&tf=2&of=HP-UX

secure_rpc(3N)							secure_rpc(3N)

NAME
       secure_rpc:   authdes_getucred(),   authdes_seccreate(),	 getnetname(),
       host2netname(),	key_decryptsession(),  key_encryptsession(),  key_gen‐
       des(),  key_setsecret(),	 key_secretkey_is_set(),  netname2host(), net‐
       name2user(), user2netname() - library routines for secure remote proce‐
       dure calls

SYNOPSIS

DESCRIPTION
       RPC  library routines allow C programs to make procedure calls on other
       machines across the network.

       RPC supports various authentication flavors.  Among them are:

	      No authentication (none).
	      Traditional UNIX-style authentication.
	      DES encryption-based authentication.

       The and routines implement the authentication  flavor.	The  keyserver
       daemon  (see keyserv(1M)) must be running for the authentication system
       to work, and keylogin(1) must have been run.  Only the style of authen‐
       tication	 is  discussed	here.  For information about the and styles of
       authentication, refer to rpc_clnt_auth(3N).

       The routines documented on this page are Thread Safe.   For  the	 other
       authentication styles, see the section of the routines' respective man‐
       ual pages.

       The HP-UX implementation of RPC	only  supports	the  X/Open  Transport
       Interface  (XTI).   Applications	 that  are written using the Transport
       Layer Interface (TLI) and wish to use RPC, must convert their  applica‐
       tion to XTI.

   Routines
       See rpc(3N) for the definition of the data structure.

       This is the first of two functions that interface to the
	      RPC  secure  authentication  system  The second is the function.
	      The function is used on the server side to  convert  an  creden‐
	      tial,  which  is operating system independent, to an credential.
	      The function returns if it succeeds, if it fails.

	      The parameter is set to the user's numerical ID associated  with
	      adc.   The  parameter  is	 set to the numerical ID of the user's
	      group.  The parameter contains the numerical IDs	of  the	 other
	      groups  to  which the user belongs.  The is set to the number of
	      valid group ID entries specified by the parameter.

	      The function fails if the structure was created with the netname
	      of  a host.  In such a case, should be used to get the host name
	      from the host netname in the structure.

       The second of two
	      authentication functions, the function is	 used  on  the	client
	      side to return an authentication handle that will enable the use
	      of the secure authentication system.  The first parameter, name,
	      specifies	 the  network  name netname of the owner of the server
	      process.	This field usually represents a hostname derived  from
	      the utility, but could also represent a user name converted with
	      the utility.

	      The second parameter, window,  specifies	the  validity  of  the
	      client credential in seconds.  If the difference in time between
	      the client's clock and the server's clock	 exceeds  window,  the
	      server  rejects the client's credentials and the clock will have
	      to be resynchronized.  A small window  is	 more  secure  than  a
	      large  one,  but	choosing too small a window increases the fre‐
	      quency of resynchronization due to clock drift.

	      The third	 parameter,  timehost,	is  the	 host's	 name  and  is
	      optional.	  If  timehost	is  NULL,  the	authentication	system
	      assumes that the local clock is always in sync with the timehost
	      clock, and does not attempt resynchronization.  If a timehost is
	      supplied, the system consults the remote time  service  whenever
	      resynchronization	 is  required.	The timehost parameter is usu‐
	      ally the name of the host on which the server is running.

	      The final parameter, ckey, is also optional.  If ckey  is	 NULL,
	      the  authentication  system will generate a random DES key to be
	      used for the encryption of credentials.  If ckey is supplied, it
	      is used for encryption.

	      If fails, it returns NULL.

       This function returns the unique, operating system independent netname
	      of  the  caller  in  the	fixed-length array name.  The function
	      returns if it succeeds and if it fails.

       This function converts a domain-specific hostname
	      host to an operating system independent netname.	 The  function
	      returns  if  it  succeeds	 and if it fails.  The function is the
	      inverse of the function.	 If  the  domain  is  NULL,  uses  the
	      default  domain  name  of	 the  machine.	 If  host  is NULL, it
	      defaults to that machine itself.	If domain is NULL and host  is
	      an NIS name such as the function uses the domain rather than the
	      default domain name of the machine.

       This function is an interface to the keyserver daemon, which is
	      associated with RPC's secure authentication  system  authentica‐
	      tion).   User  programs  rarely  need  to call or the associated
	      functions and

	      The function takes a server netname remotename  and  a  DES  key
	      deskey,  and  decrypts  the  key	by using the public key of the
	      server and the secret key associated with the effective  UID  of
	      the  calling  process.  The function is the inverse of the func‐
	      tion.  The function returns if it succeeds, if it fails.

       This function is a keyserver interface routine that takes a server net‐
       name
	      remotename  and a DES key deskey, and encrypts the key using the
	      public key of the server and the secret key associated with  the
	      effective UID of the calling process.  If the keyserver does not
	      have a key registered for the UID, it falls back	to  using  the
	      secret  key  for	the  netname unless this feature has been dis‐
	      abled.  See keyserv(1M).	The function is	 the  inverse  of  the
	      function.	 The function returns if it succeeds, if it fails.

       This is a keyserver interface function used to ask the keyserver for a
	      secure conversation key.	Selecting a conversation key at random
	      is generally not secure because the common ways of choosing ran‐
	      dom  numbers  are too easy to guess.  The function returns if it
	      succeeds, if it fails.

       This is a keyserver interface function used to set the key for the
	      effective UID of the calling process.  This function returns  if
	      it succeeds, if it fails.

       This is a keyserver interface function used to determine if a key
	      has  been	 set for the effective UID of the calling process.  If
	      the keyserver has a key stored for  the  effective  UID  of  the
	      calling process, the function returns Otherwise it returns

       This function converts an operating system independent netname
	      name  to a domain-specific hostname host.	 The hostlen parameter
	      is the maximum size of host.  The function returns  if  it  suc‐
	      ceeds and if it fails.  The function is the inverse of the func‐
	      tion.

       This function converts an operating system independent netname to a
	      domain-specific user ID.	The function returns  if  it  succeeds
	      and if it fails.	The function is the inverse of the function.

	      The  parameter is set to the user's numerical ID associated with
	      name.  The parameter is set to the numerical ID  of  the	user's
	      group.   The gidlist parameter contains the numerical IDs of the
	      other groups to which the user belongs.  The parameter is set to
	      the  number  of  valid group ID entries specified by the gidlist
	      parameter.

       This function converts a domain-specific username to an operating
	      system independent netname.  The function returns if it succeeds
	      and if it fails.	The function is the inverse of the function.

MULTITHREAD USAGE
       Thread Safe:	     Yes
       Cancel Safe:	     Yes
       Fork Safe:	     No
       Async-cancel Safe:    No
       Async-signal Safe:    No

       These  functions	 can  be called safely in a multithreaded environment.
       They may be cancellation points in that they call  functions  that  are
       cancel points.

       In  a  multithreaded  environment,  these  functions are not safe to be
       called by a child process after and before These functions  should  not
       be  called  by  a  multithreaded application that supports asynchronous
       cancellation or asynchronous signals.

SEE ALSO
       chkey(1), keyserv(1M), newkey(1M), rpc(3N), rpc_clnt_auth(3N).

								secure_rpc(3N)
[top]

List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net