.TH SECSTORE 1
.SH NAME
aescbc, ipso, secstore \- secstore commands
.SH SYNOPSIS
.B secstore
[
.B -s
.I server
]
[
.B -(g|G)
.I getfile
]
[
.B -p
.I putfile
]
[
.B -r
.I rmfile
]
[
.B -c
]
[
.B -u
.I user
]
[
.B -v
]
[
.B -i
]
.PP
.B aescbc
-e
.I <cleartext
.I >ciphertext
.br
.B aescbc
-d
.I <ciphertext
.I >cleartext
.PP
.B ipso
[
.B -a -e -l -f
] [
.I file
\&...
]
.SH DESCRIPTION
.PP
.I Secstore
authenticates to the server
using a password and optionally a hardware token,
then saves or retrieves a file.
This is intended to be a credentials store (public/private keypairs,
passwords, and other secrets) for a factotum.
.PP
Option
.B -p
stores a file on the secstore.
.PP
Option
.B -g
retrieves a file to the local directory;
option
.B -G
writes it to standard output instead.
Specifying
.I getfile
of . will send to standard output
a list of remote files with dates, lengths and SHA1 hashes.
.PP
Option
.B -r
removes a file from the secstore.
.PP
Option
.B -c
prompts for a password change.
.PP
Option
.B -v
produces more verbose output, in particular providing a few
bits of feedback to help the user detect mistyping.
.PP
Option
.B -i
says that the password should be read from standard input
instead of from
.BR /dev/tty .
.PP
Option
.B -n
says that the password should be read from NVRAM
(see
.MR authsrv (3) )
instead of from
.BR /dev/tty .
.PP
The server is
.BR tcp!$auth!secstore ,
or the server specified by option
.BR -s .
.PP
For example, to add a secret to the file read by
.MR factotum (4) ,
run
.sp
.EX
% cd somewhere-private
% auth/secstore -g factotum
secstore password:
% echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum
% auth/secstore -p factotum
secstore password:
% cat factotum | 9p write -l factotum/ctl
.EE
.PP
and delete the window.
The middle commands fetch the persistent copy of the secrets,
append a new secret,
and save the updated file back to secstore.
The final command loads the new secret into the running factotum.
.PP
The
.I ipso
command packages this sequence into a convenient script to simplify editing of
.I files
stored on a secure store.
It copies the named
.I files
into a private directory,
plumbs them to the editor,
and waits for a line on the console.
Once a line is typed,
signifying that editing is complete,
.I ipso
prompts the user to confirm copying modified or newly created files back to
.IR secstore .
If no
.I file
is mentioned,
.I ipso
grabs all the user's files from
.I secstore
for editing.
.PP
By default, ipso will edit the
.I secstore
files and, if
one of them is named
.BR factotum ,
flush current keys from factotum and load
the new ones from the file.
If the
.BR -e ,
.BR -f ,
or
.BR -l
options are given,
.I ipso
will perform only the requested operations, i.e.,
edit, flush, and/or load.
.PP
The
.B -a
option of
.I ipso
provides a similar service for files encrypted by
.I aescbc
.RI ( q.v. ).
With the
.B -a
option, the full rooted pathname of the
.I file
must be specified and all
.I files
must be encrypted with the same key.
Also with
.BR -a ,
newly created files are ignored.
.PP
.I Aescbc
encrypts and decrypts using AES (Rijndael) in cipher
block chaining (CBC) mode.
.SH SOURCE
.B \*9/bin/ipso
.br
.B \*9/src/cmd/auth/secstore
.SH SEE ALSO
.MR factotum (4) ,
.MR secstored (1)
.SH BUGS
There is deliberately no backup of files on the secstore, so
.B -r
(or a disk crash) is irrevocable. You are advised to store
important secrets in a second location.
.PP
When using
.IR ipso ,
secrets will appear as plain text in the editor window,
so use the command in private.
.PP
Establishing a private directory in which to store the secret
files is difficult on Unix.
On most systems,
.I ipso
creates a mode 700 directory
.BI /tmp/ipso. user
and works there.
On Linux systems,
.I ipso
looks for a
.B tmpfs
file system; if it exists,
.I ipso
creates the
.BI ipso. user
directory in its root
instead of
.BR /tmp .
.PP
.I Ipso
should zero the secret files before removing them.