commit c9d04e0935165a98faded6c5a4ec8796721c9c8b from: rsc date: Mon Feb 14 00:00:02 2005 UTC new commit - c800cb7bacdf7638fcc2c639ca5b8c9e83221e4f commit + c9d04e0935165a98faded6c5a4ec8796721c9c8b blob - /dev/null blob + f6843b399b444aa70093eb331cb9e27cb694e472 (mode 644) --- /dev/null +++ man/man1/passwd.1 @@ -0,0 +1,44 @@ +.TH PASSWD 1 +.SH NAME +passwd, netkey \- change user password +.SH SYNOPSIS +.B passwd +[ +.I username\fR[@\fPdomain\fR]\fP +] +.PP +.B netkey +.SH DESCRIPTION +.I Passwd +changes the invoker's Plan 9 password and/or APOP secret. +The Plan 9 password is used to login to a terminal while +the APOP secret is used for a number of external services: +POP3, IMAP, and VPN access. The optional argument specifies +the user name and authentication domain to use if different +than the one associated with the machine +.I passwd +is run on. +.PP +The program first prompts for the old Plan 9 password in the specified +domain to establish +identity. +It then prompts for changes to the password and the +secret. +New passwords and secrets must be typed twice, to forestall mistakes. +New passwords must be sufficiently hard to guess. +They may be of any length greater than seven characters. +.PP +.I Netkey +prompts for a password to encrypt network challenges. +It is a substitute for a SecureNet box. +.SH SOURCE +.B \*9/src/cmd/netkey.c +.br +.B \*9/src/cmd/auth/passwd.c +.SH "SEE ALSO" +.IR encrypt (3) +.PP +Robert Morris and Ken Thompson, +``UNIX Password Security,'' +.I AT&T Bell Laboratories Technical Journal +Vol 63 (1984), pp. 1649-1672 blob - /dev/null blob + dd5b707a3e3863436ba28cd29b0cd027822049c1 (mode 644) --- /dev/null +++ man/man1/ssh-agent.1 @@ -0,0 +1,137 @@ +.TH SSH-AGENT 1 +.SH NAME +ssh-agent \- SSH authentication agent +.SH SYNOPSIS +.B ssh-agent +[ +.B -l +] +.I factotum-service +.SH DESCRIPTION +.I Ssh-agent +presents +.IR factotum (4) +using the interface that +.IR ssh (1) +requires. +.PP +Once +.I ssh-agent +and +.I factotum +are running, the standard Unix SSH client +can use +.I ssh-agent +(and, indirectly, +.IR factotum ) +to authenticate to remote systems using RSA or DSA keys. +.PP +.I Ssh +accesses +.I ssh-agent +via a Unix socket posted in a private subdirectory of +.B /tmp . +.I Ssh +expects this socket to be in the environment as +.BR $SSH_AGENT_SOCK , +and expects the agent to be running with process id +.BR $SSH_AGENT_PID . +.I Ssh-agent +prints shell commands to set these two variables +before forking itself into the background. +It is typically invoked inside a shell +.B eval +construct; see the examples below. +The +.B -e +option causes +.I ssh-agent +to include +.B export +commands to put the variables into the environment of future programs. +.PP +If the +.B -l +option is given, +.I ssh-agent +lists the usable +.I factotum +keys in the standard SSH format, suitable for creating an +.B authorized_keys +file. +.PP +.I Ssh-agent +connects to +.I factotum +by accessing +.I factotum-service +(default +.RB ` factotum ') +in the current name space. +.PP +There is a Unix program called +.I ssh-agent +that manages SSH keys itself. +Invoke this one with +.B 9 +.BR ssh-agent ; +see +.IR 9 (1). +.SH EXAMPLES +Assume +.IR factotum (4) +is already running and initialized with keys. +.PP +Start a new agent, copying the commands by hand: +.IP +.EX +$ 9 ssh-agent -e +SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233; +export SSH_AUTH_SOCK; +SSH_AGENT_PID=4233; +export SSH_AGENT_PID; +$ SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233; +$ export SSH_AUTH_SOCK; +$ SSH_AGENT_PID=4233; +$ export SSH_AGENT_PID; +$ +.EE +.PP +Start the agent from +.IR sh (1): +.IP +.EX +$ eval `9 ssh-agent -e` +$ +.EE +.PP +Start the agent from +.IR rc (1): +.IP +.EX +% eval `{9 ssh-agent} +% +.EE +.PP +Use the agent to connect to a remote system: +.IP +.EX +% ssh tux +tux% ^D +% +.EE +.SH SOURCE +.B \*9/src/cmd/auth/ssh-agent.c +.SH SEE ALSO +.IR ssh (1), +.IR rsa (1), +.IR factotum (4) +.SH BUGS +A surprise rather than a bug: +.I ssh-agent +connects to factotum on demand, so it can be +started before +.I factotum +is running and need not be restarted just because +.I factotum +is.