chkey - change user's secure RPC key pair
chkey [ -p ] [ -s nisplus | nis | files ]
chkey is used to change a user's secure RPC public key and secret key
pair. chkey prompts for the old secure-rpc password and verifies that
it is correct by decrypting the secret key. If the user has not
already keylogged in, chkey registers the secret key with the local
keyserv(1M) daemon. If the secure-rpc password does not match the
login password, chkey prompts for the login password. chkey uses the
login password to encrypt the user's secret Diffie-Hellman (192 bit)
chkey ensures that the login password and the secure-rpc password are
kept the same.
The key pair can be stored in the /etc/publickey file, (see
publickey(4)), NIS publickey map or NIS+ cred.org_dir table. If a new
secret key is generated, it will be registered with the local
If the source of the publickey is not specified with the -s option,
chkey consults the publickey entry in the name service switch
configuration file (see nsswitch.conf(4)). If the publickey entry
specifies one and only one source, then chkey will change the key in
the specified name service. However, if multiple name services are
listed, chkey can not decide which source to update and will display
an error message. The user should specify the source explicitly with
the -s option.
Non root users are not allowed to change their key pair in the
-p Re-encrypt the existing secret key with the user's
-s nisplus Update the NIS+ database.
-s nis Update the NIS database.
-s files Update the files database.
chkey was developed by Sun Microsystems, Inc.
Hewlett-Packard Company - 1 - HP-UX Release 11i: November 2000
keylogin(1), keylogout(1), keyserv(1M), newkey(1M), nisaddcred(1M),
Hewlett-Packard Company - 2 - HP-UX Release 11i: November 2000