GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
TANGD-ROTATE-KEYS(1)   TANGD-ROTATE-KEYS(1)

tangd-rotate-keys - Perform rotation of tang keys

tangd-rotate-keys [-h] [-v] -d <KEYDIR>

in order to preserve the security of the system over the long run, you need to periodically rotate your keys. The precise interval at which you should rotate depends upon your application, key sizes and institutional policy. For some common recommendations, see: https://www.keylength.com.

tangd-rotate-keys generates new keys in the key database directory given by the -d option. This is typically /var/db/tang. It also rename the old keys to have a leading . in order to hide them from advertisement.

Tang will immediately pick up all changes. No restart is required.

At this point, new client bindings will pick up the new keys and old clients can continue to utilize the old keys. Once you are sure that all the old clients have been migrated to use the new keys, you can remove the old keys. Be aware that removing the old keys while clients are still using them can result in data loss. You have been warned.

-d <KEYDIR>: The directory with the keys, e.g. /var/db/tang

-h: Display the usage information

-v: Verbose. Display additional info on keys created/rotated

Sergio Correia <scorreia@redhat.com>

tang(8)
04/08/2022  

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.