JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
man pages section 1: User Commands     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Introduction

User Commands

acctcom(1)

adb(1)

addbib(1)

admin(1)

alias(1)

allocate(1)

amt(1)

appcert(1)

apptrace(1)

apropos(1)

ar(1)

arch(1)

as(1)

asa(1)

at(1)

atq(1)

atrm(1)

audioconvert(1)

audioctl(1)

audioplay(1)

audiorecord(1)

audiotest(1)

auths(1)

auto_ef(1)

awk(1)

banner(1)

basename(1)

basename(1B)

batch(1)

bc(1)

bdiff(1)

bfs(1)

bg(1)

biff(1B)

break(1)

builtin(1)

cal(1)

calendar(1)

case(1)

cat(1)

cd(1)

cdc(1)

cdrw(1)

chdir(1)

checkeq(1)

checknr(1)

chgrp(1)

chkey(1)

chmod(1)

chown(1)

chown(1B)

ckdate(1)

ckgid(1)

ckint(1)

ckitem(1)

ckkeywd(1)

ckpath(1)

ckrange(1)

ckstr(1)

cksum(1)

cktime(1)

ckuid(1)

ckyorn(1)

clear(1)

cmp(1)

col(1)

comb(1)

comm(1)

command(1)

compress(1)

continue(1)

cp(1)

cpio(1)

cpp(1)

cputrack(1)

crle(1)

crontab(1)

csh(1)

csplit(1)

ct(1C)

ctags(1)

ctrun(1)

ctstat(1)

ctwatch(1)

cu(1C)

cut(1)

date(1)

dc(1)

deallocate(1)

decrypt(1)

delta(1)

deroff(1)

df(1B)

dhcpinfo(1)

diff(1)

diff3(1)

diffmk(1)

digest(1)

digestp(1)

dircmp(1)

dirname(1)

dirs(1)

dis(1)

disown(1)

dispgid(1)

dispuid(1)

dos2unix(1)

dpost(1)

du(1)

du(1B)

dump(1)

dumpcs(1)

dumpkeys(1)

echo(1)

echo(1B)

ed(1)

edit(1)

egrep(1)

eject(1)

elfdump(1)

elfedit(1)

elffile(1)

elfsign(1)

elfwrap(1)

encrypt(1)

enhance(1)

env(1)

eqn(1)

errange(1)

errdate(1)

errgid(1)

errint(1)

erritem(1)

error(1)

errpath(1)

errstr(1)

errtime(1)

erruid(1)

erryorn(1)

eval(1)

ex(1)

exec(1)

exit(1)

expand(1)

export(1)

exportfs(1B)

expr(1)

expr(1B)

exstr(1)

factor(1)

false(1)

fastboot(1B)

fasthalt(1B)

fc(1)

fg(1)

fgrep(1)

file(1)

file(1B)

filebench(1)

filep(1)

filesync(1)

filofaxp(1)

find(1)

finger(1)

fmt(1)

fmtmsg(1)

fold(1)

for(1)

foreach(1)

franklinp(1)

from(1B)

ftp(1)

function(1)

gcore(1)

gencat(1)

geniconvtbl(1)

genmsg(1)

get(1)

getconf(1)

getfacl(1)

getlabel(1)

getopt(1)

getoptcvt(1)

getopts(1)

gettext(1)

gettxt(1)

getzonepath(1)

glob(1)

goto(1)

gprof(1)

grep(1)

groups(1)

groups(1B)

grpck(1B)

hash(1)

hashcheck(1)

hashmake(1)

hashstat(1)

head(1)

helpdate(1)

helpgid(1)

helpint(1)

helpitem(1)

helppath(1)

helprange(1)

helpstr(1)

helptime(1)

helpuid(1)

helpyorn(1)

hist(1)

history(1)

hostid(1)

hostname(1)

i386(1)

i486(1)

iconv(1)

if(1)

indxbib(1)

install(1B)

ipcrm(1)

ipcs(1)

isainfo(1)

isalist(1)

jobs(1)

join(1)

jsh(1)

kbd(1)

kdestroy(1)

keylogin(1)

keylogout(1)

kill(1)

kinit(1)

klist(1)

kmdb(1)

kmfcfg(1)

kpasswd(1)

krb5-config(1)

ksh(1)

ksh88(1)

ksh93(1)

ktutil(1)

kvno(1)

lari(1)

last(1)

lastcomm(1)

ld(1)

ldapadd(1)

ldapdelete(1)

ldaplist(1)

ldapmodify(1)

ldapmodrdn(1)

ldapsearch(1)

ldd(1)

ld.so.1(1)

let(1)

lex(1)

lgrpinfo(1)

limit(1)

line(1)

list_devices(1)

listusers(1)

llc2_autoconfig(1)

llc2_config(1)

llc2_stats(1)

ln(1)

ln(1B)

loadkeys(1)

locale(1)

localedef(1)

logger(1)

logger(1B)

login(1)

logname(1)

logout(1)

look(1)

lookbib(1)

lorder(1)

ls(1)

ls(1B)

m4(1)

mac(1)

mach(1)

machid(1)

madv.so.1(1)

mail(1)

Mail(1B)

mail(1B)

mailcompat(1)

mailp(1)

mailq(1)

mailstats(1)

mailx(1)

make(1S)

makekey(1)

man(1)

mconnect(1)

mcs(1)

mdb(1)

mesg(1)

mkdir(1)

mkmsgs(1)

mkstr(1B)

mktemp(1)

moe(1)

more(1)

mp(1)

mpss.so.1(1)

msgcc(1)

msgcpp(1)

msgcvt(1)

msgfmt(1)

msggen(1)

msgget(1)

mt(1)

mv(1)

nawk(1)

nc(1)

ncab2clf(1)

ncakmod(1)

neqn(1)

netcat(1)

newform(1)

newgrp(1)

newsp(1)

newtask(1)

nice(1)

nl(1)

nm(1)

nohup(1)

notify(1)

nroff(1)

od(1)

on(1)

onintr(1)

optisa(1)

pack(1)

packagemanager(1)

page(1)

pagesize(1)

pargs(1)

passwd(1)

paste(1)

patch(1)

pathchk(1)

pax(1)

pcat(1)

pcred(1)

perl(1)

pfbash(1)

pfcsh(1)

pfexec(1)

pfiles(1)

pfksh(1)

pflags(1)

pfsh(1)

pftcsh(1)

pfzsh(1)

pg(1)

pgrep(1)

pkcs11_inspect(1)

pkg(1)

pkgdepend(1)

pkgdiff(1)

pkgfmt(1)

pkginfo(1)

pkglint(1)

pkgmerge(1)

pkgmk(1)

pkgmogrify(1)

pkgparam(1)

pkgproto(1)

pkgrecv(1)

pkgrepo(1)

pkgsend(1)

pkgsign(1)

pkgtrans(1)

pkill(1)

pklogin_finder(1)

pktool(1)

plabel(1)

pldd(1)

plgrp(1)

plimit(1)

pmadvise(1)

pmap(1)

pm-updatemanager(1)

popd(1)

ppgsz(1)

ppriv(1)

pr(1)

praliases(1)

prctl(1)

preap(1)

print(1)

printenv(1B)

printf(1)

priocntl(1)

proc(1)

prof(1)

profiles(1)

projects(1)

prs(1)

prt(1)

prun(1)

ps(1)

ps(1B)

psig(1)

pstack(1)

pstop(1)

ptime(1)

ptree(1)

pushd(1)

pvs(1)

pwait(1)

pwd(1)

pwdx(1)

radadrgen(1)

ranlib(1)

rcapstat(1)

rcp(1)

read(1)

readonly(1)

red(1)

refer(1)

regcmp(1)

rehash(1)

remote_shell(1)

remsh(1)

renice(1)

repeat(1)

reset(1B)

return(1)

rksh(1)

rksh88(1)

rlogin(1)

rm(1)

rmail(1)

rmdel(1)

rmdir(1)

rmformat(1)

rmmount(1)

rmumount(1)

roffbib(1)

roles(1)

rpcgen(1)

rpm2cpio(1)

rsh(1)

runat(1)

rup(1)

rup(1C)

ruptime(1)

rusage(1B)

rusers(1)

rwho(1)

sact(1)

sar(1)

sccs(1)

sccs-admin(1)

sccs-cdc(1)

sccs-comb(1)

sccs-delta(1)

sccsdiff(1)

sccs-get(1)

sccs-help(1)

sccshelp(1)

sccs-prs(1)

sccs-prt(1)

sccs-rmdel(1)

sccs-sact(1)

sccs-sccsdiff(1)

sccs-unget(1)

sccs-val(1)

scp(1)

script(1)

sdiff(1)

sed(1)

sed(1B)

select(1)

set(1)

setenv(1)

setfacl(1)

setlabel(1)

setpgrp(1)

settime(1)

sftp(1)

sh(1)

shcomp(1)

shell_builtins(1)

shift(1)

shutdown(1B)

size(1)

sleep(1)

soelim(1)

sort(1)

sortbib(1)

sotruss(1)

source(1)

sparc(1)

spell(1)

spellin(1)

split(1)

srchtxt(1)

ssh(1)

ssh-add(1)

ssh-agent(1)

ssh-http-proxy-connect(1)

ssh-keygen(1)

ssh-keyscan(1)

ssh-socks5-proxy-connect(1)

stop(1)

strchg(1)

strconf(1)

strings(1)

strip(1)

stty(1)

stty(1B)

sum(1)

sum(1B)

sun(1)

suspend(1)

svcprop(1)

svcs(1)

switch(1)

symorder(1)

sys-suspend(1)

sysV-make(1)

t300(1)

t300s(1)

t4014(1)

t450(1)

tabs(1)

tail(1)

talk(1)

tar(1)

tbl(1)

tcopy(1)

tee(1)

tek(1)

telnet(1)

test(1)

test(1B)

tftp(1)

time(1)

timemanp(1)

times(1)

timesysp(1)

timex(1)

tip(1)

touch(1)

touch(1B)

tplot(1)

tput(1)

tr(1)

tr(1B)

trap(1)

troff(1)

true(1)

truss(1)

tset(1B)

tsort(1)

tty(1)

type(1)

typeset(1)

ul(1)

ulimit(1)

umask(1)

unalias(1)

uname(1)

uncompress(1)

unexpand(1)

unget(1)

unhash(1)

unifdef(1)

uniq(1)

units(1)

unix2dos(1)

unlimit(1)

unpack(1)

unset(1)

unsetenv(1)

until(1)

updatehome(1)

uptime(1)

userattr(1)

users(1B)

uucp(1C)

uudecode(1C)

uuencode(1C)

uuglist(1C)

uulog(1C)

uuname(1C)

uupick(1C)

uustat(1C)

uuto(1C)

uux(1C)

vacation(1)

val(1)

valdate(1)

valgid(1)

valint(1)

valpath(1)

valrange(1)

valstr(1)

valtime(1)

valuid(1)

valyorn(1)

vc(1)

vedit(1)

ver(1)

vgrind(1)

vi(1)

view(1)

vipw(1B)

volcheck(1)

volrmmount(1)

w(1)

wait(1)

wc(1)

what(1)

whatis(1)

whence(1)

whereis(1B)

which(1)

while(1)

who(1)

whoami(1B)

whocalls(1)

whois(1)

write(1)

xargs(1)

xgettext(1)

xstr(1)

yacc(1)

yes(1)

ypcat(1)

ypmatch(1)

yppasswd(1)

ypwhich(1)

zcat(1)

zlogin(1)

zonename(1)

zonestat(1)

keylogin

- decrypt and store secret key with keyserv

Synopsis

/usr/bin/keylogin [-r]

Description

The keylogin command prompts for a password, and uses it to decrypt the user's secret key. The key can be found in the /etc/publickey file (see publickey(4)) or the NIS map ``publickey.byname'' in the user's home domain. The sources and their lookup order are specified in the /etc/nsswitch.conf file. See nsswitch.conf(4). Once decrypted, the user's secret key is stored by the local key server process, keyserv(1M). This stored key is used when issuing requests to any secure RPC services, such as NFS. The program keylogout(1) can be used to delete the key stored by keyserv .

keylogin fails if it cannot get the caller's key, or the password given is incorrect. For a new user or host, a new key can be added using newkey(1M).

If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret key is decrypted and stored by keyserv(1M).

Options

The following options are supported:

-r

Update the /etc/.rootkey file. This file holds the unencrypted secret key of the superuser. Only the superuser can use this option. It is used so that processes running as superuser can issue authenticated requests without requiring that the administrator explicitly run keylogin as superuser at system startup time. See keyserv(1M). The -r option should be used by the administrator when the host's entry in the publickey database has changed, and the /etc/.rootkey file has become out-of-date with respect to the actual key pair stored in the publickey database. The permissions on the /etc/.rootkey file are such that it can be read and written by the superuser but by no other user on the system.

If multiple authentication mechanisms are configured for the system, each of the configured mechanism's secret keys is stored in the /etc/.rootkey file.

Files

/etc/.rootkey

superuser's secret key

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/core-os

See Also

chkey(1), keylogout(1), login(1), keyserv(1M), newkey(1M), nsswitch.conf(4), publickey(4), attributes(5)