keyserv - server for storing public and private keys
keyserv [ -dkn ]
keyserv is a daemon that is used for storing the private encryption
keys of each user logged into the system. These encryption keys are
used for accessing secure network services such as secure NFS. When a
user logs in to the system, the login(1) program uses the login pass-
word to decrypt the user's encryption key stored in the Network Infor-
mation Service (NIS), and then gives the decrypted key to the keyserv
daemon to store away.
Normally, root's key is read from the file /etc/.rootkey when the dae-
mon starts up. This is useful during power-failure reboots when no one
is around to type a password, yet you still want the secure network
services to operate normally.
-d Prohibit the use of the default key. If this is used then every
machine and user should have a publickey. New publickeys cannot
be created if you do not already have a key. This can be done
globally for an entire domain by deleting the nobody entry from
/etc/publickey on the NIS master. See chkey(1)
-k Remember keylogins across machine reboots. This is only needed
if at(1) is used to schedule jobs that require secure RPC. Use
of this option is not recommended.
-n Do not read root's key from /etc/.rootkey. Instead, prompt the
user for the password to decrypt root 's key stored in the NIS
service and then store the decrypted key in /etc/.rootkey for
future use. This option is useful if the /etc/.rootkey file
ever gets out of date or corrupted.
login(1), keylogin(1), keylogout(1), publickey(5)
The Network Information Service (NIS) was formerly known as Sun Yellow
Pages (YP). The functionality of the two remains the same; only the
name has changed.
9 September 1987 KEYSERV(8C)