JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Naming and Directory Services (NIS+)
search filter icon
search icon

Document Information


Part I About Naming and Directory Services

1.  Name Service Switch

Part II NIS+ Setup and Configuration

2.  NIS+: An Introduction

3.  NIS+ Setup Scripts

4.  Configuring NIS+ With Scripts

5.  Setting Up the NIS+ Root Domain

6.  Configuring NIS+ Clients

7.  Configuring NIS+ Servers

8.  Configuring an NIS+ Non-Root Domain

9.  Setting Up NIS+ Tables

Part III NIS+ Administration

10.  NIS+ Tables and Information

11.  NIS+ Security Overview

12.  Administering NIS+ Credentials

13.  Administering NIS+ Keys

NIS+ Keys

Keylogin With NIS+

Changing Keys for an NIS+ Principal

Changing the NIS+ Keys

Changing NIS+ Root Keys From Root

Changing Root Keys From Another NIS+ Machine

Changing the Keys of an NIS+ Root Replica From the Replica

Changing the Keys of an NIS+ Non-Root Server

Updating Public Keys for NIS+

nisupdkeys Command

Updating Public Keys Arguments and Examples in NIS+

Updating IP Addresses in NIS+

Updating NIS+ Client Key Information

Globally Updating NIS+ Client Key Information

How to Update Client Key Information

14.  Administering Enhanced NIS+ Security Credentials

15.  Administering NIS+ Access Rights

16.  Administering NIS+ Passwords

17.  Administering NIS+ Groups

18.  Administering NIS+ Directories

19.  Administering NIS+ Tables

20.  NIS+ Server Use Customization

21.  NIS+ Backup and Restore

22.  Removing NIS+

23.  Information in NIS+ Tables

24.  NIS+ Troubleshooting

A.  NIS+ Error Messages

About NIS+ Error Messages

Common NIS+ Namespace Error Messages

B.  Updates to NIS+ During the Solaris 10 Release

Solaris 10 and NIS+



Changing Keys for an NIS+ Principal

The chkey command changes an NIS+ principal's public and private keys that are stored in the cred table. It does not affect the principal's entry either in the passwd table or in the /etc/passwd file.

The chkey command:

See the man pages for more information on these subjects.

Note - In an NIS+ environment, when you change your login password with any of the current administration tools or the passwd (or nispasswd) commands, your private key in the cred table is automatically re-encrypted with the new password for you. Thus, you do not need to explicitly run chkey after a change of login password.

The chkey command interacts with the keyserver, the cred table, and the passwd table.

In order to run chkey, you:

To use the chkey command to re-encrypt your private key with your login password, you first run keylogin using the original password, and then use chkey -p, as shown in Table 13-1, which illustrates how to perform a keylogin and chkey for a principal user.

Table 13-1 Re-encrypting Your NIS+ Private Key: Command Summary

Log in.
Sirius% login Login-name
Provide login password.
If login password and Secure RPC password are different, perform a keylogin.
Sirius% keylogin
Provide the original password that was used to encrypt the private key.
Password: Secure RPC password
Run chkey.
Sirius% chkey -p Updating nisplus publickey database Updating new key for ''.
Enter login password.
Enter login password: login-password
Re-enter login password
Retype password: