1 .TH SECSTORED 1
2 .SH NAME
3 secstored, secuser \- secstore commands
4 .SH SYNOPSIS
5 .br
6 .B secstored
7 [-R]
8 [-S servername]
9 [-s tcp!*!5356]
10 [-x mountpoint]
11 .br
12 .B secuser
13 [-v]
14 username
15 .br
16 .PP
17 .SH DESCRIPTION
18 .PP
19 .I Secstored
20 serves requests from
21 .MR secstore (1) .
22 The
23 .B -R
24 option supplements the password check with a
25 call to a RADIUS server, for checking hardware
26 tokens or other validation.
27 The
28 .BR -x mountpoint
29 option specifies an alternative to the default network
30 .BR /net .
31 .PP
32 .I Secuser
33 is an administrative command that runs on the
34 secstore machine, normally the authserver,
35 to create new accounts and
36 to change status on existing accounts.
37 It prompts for account information such as
38 password and expiration date, writing to
39 .BR \*9/secstore/who/$uid .
40 The
41 .B \*9/secstore
42 directory should be created mode 770 for the userid
43 or groupid of the secstored process.
44 .PP
45 By default,
46 .I secstored
47 warns the client if no account exists.
48 If you prefer to obscure this information, use
49 .I secuser
50 to create an account
51 .BR FICTITIOUS .
52 .SH FILES
53 .B \*9/secstore/who/$uid
54 secstore account name, expiration date, verifier
55 .br
56 .B \*9/secstore/store/$uid/
57 users' files
58 .br
59 .B \*9/ndb/auth
60 for mapping local userid to RADIUS userid
61 .SH SOURCE
62 .B \*9/src/cmd/auth/secstore
63 .SH SEE ALSO
64 .MR secstore (1)