GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  AESPASSWD (1)

NAME

aespasswd - Used to create and manage an AES keyfile.

CONTENTS

Synopsis
Options
Description
Keyfile Format
Examples
Security Considerations
Restrictions
See Also
Acknowledgments

SYNOPSIS

aespasswd [-n] [-d] -f keyfile identity

OPTIONS

-n Create the keyfile
-d Delete given identity from keyfile
-f keyfile
  Specifies file that holds identity/key pairs

DESCRIPTION

aespasswd is used to create and manage files that hold identity/key pairs. It is primarily used to manage the bwctld.keys file for bwctld and the owampd.keys file for owampd.

If the -d option is not specified, then aespasswd prompts the caller for a passphrase. The passphrase is hashed using an internal MD5 algorithm to generate a key that is then saved in the keyfile associated with the given identity. If the given identity already exists in the keyfile, the previous key is overwritten with the new one.

keyfiles generated by aespasswd are formatted for use with BWCTL and OWAMP.

KEYFILE FORMAT

aespasswd generates lines of the format:

test    54b0c58c7ce9f2a8b551351102ee0938

An identity, followed by whitespace, followed by a hex encoded 128-bit number, that is suitable to be used as a symmetric AES key.

No other text is allowed on these lines; however, comment lines may be added. Comment lines are any line where the first non-white space character is ’#’.

EXAMPLES

aespasswd -f /usr/local/etc/bwctld.keys testuser
Adds a key for the identity testuser. The user is prompted for a passphrase. If the file does not exist, an error message will be printed and no action will be taken.
aespasswd -f /usr/local/etc/bwctld.keys -n testuser
Creates the file before doing the same as above. If the file already exists, an error message will be printed and no action will be taken.
aespasswd -f /usr/local/etc/bwctld.keys -d testuser
Deletes the identity testuser from the keyfile. If the file does not exist, an error message will be printed and no action will be taken.

SECURITY CONSIDERATIONS

The keys in the keyfile are not encrypted in any way. The security of these keys is completely dependent upon the security of the system and the discretion of the system administrator.

RESTRICTIONS

identity names are restricted to 16 characters, and passphrases are limited to 1024 characters.

SEE ALSO

owping(1), owampd(1), bwctl(1), bwctld(1) and the  http://e2epi.internet2.edu/owamp and  http://e2epi.internet2.edu/bwctl web sites.

ACKNOWLEDGMENTS

This material is based in part on work supported by the National Science Foundation (NSF) under Grant No. ANI-0314723. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.
Search for    or go to Top of page |  Section 1 |  Main Index


--> AESPASSWD (1) 2004 Feb 8

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.