NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | SEE ALSO
The keygen utility has three purposes:
Using the -c flag, to generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys.
Using the -m flag, to generate and store a “master” HMAC SHA-1 key for WAN install, and to derive from the master key per-client HMAC SHA-1 hashing keys, in a manner described in RFC 3118, Appendix A.
Using the -d flag along with either the -c or -m flag to indicate the key repository, to display a key of type specified by keytype, which must be one of 3des, aes, or sha1.
The net and cid arguments are used to identify a specific client. Both arguments are optional. If the cid option is not provided, the key being created or displayed will have a per-network scope. If the net option is not provided, then the key will have a global scope. Default net and code values are used to derive an HMAC SHA-1 key if the values are not provided by the user.
The following options are supported:
Generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys. Also generates and stores per-client HMAC SHA-1 keys. Used in conjunction with -o.
Display a key of type specified by keytype, which must be one of 3des, aes, or sha1. Use -d with -m or with -c and -o.
Generate and store a “master” HMAC SHA-1 key for WAN install.
Specifies the WANboot client and/or keytype.
# keygen -m |
# keygen -c -o net=129.148.174.0,cid=010003BA0E6A36,type=sha1 # keygen -d -c -o net=129.148.174.0,cid=010003BA0E6A36,type=sha1 |
# keygen -c -o net=129.148.174.0,type=3des # keygen -d -o net=129.148.174.0,type=3des |
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWwbsup |
Interface Stability |
Obsolete |
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXAMPLES | EXIT STATUS | ATTRIBUTES | SEE ALSO