tnew - plan9port - [fork] Plan 9 from user space | |
git clone git://src.adamsgaard.dk/plan9port | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit c9d04e0935165a98faded6c5a4ec8796721c9c8b | |
parent c800cb7bacdf7638fcc2c639ca5b8c9e83221e4f | |
Author: rsc <devnull@localhost> | |
Date: Mon, 14 Feb 2005 00:00:02 +0000 | |
new | |
Diffstat: | |
A man/man1/passwd.1 | 44 +++++++++++++++++++++++++++++… | |
A man/man1/ssh-agent.1 | 137 +++++++++++++++++++++++++++++… | |
2 files changed, 181 insertions(+), 0 deletions(-) | |
--- | |
diff --git a/man/man1/passwd.1 b/man/man1/passwd.1 | |
t@@ -0,0 +1,44 @@ | |
+.TH PASSWD 1 | |
+.SH NAME | |
+passwd, netkey \- change user password | |
+.SH SYNOPSIS | |
+.B passwd | |
+[ | |
+.I username\fR[@\fPdomain\fR]\fP | |
+] | |
+.PP | |
+.B netkey | |
+.SH DESCRIPTION | |
+.I Passwd | |
+changes the invoker's Plan 9 password and/or APOP secret. | |
+The Plan 9 password is used to login to a terminal while | |
+the APOP secret is used for a number of external services: | |
+POP3, IMAP, and VPN access. The optional argument specifies | |
+the user name and authentication domain to use if different | |
+than the one associated with the machine | |
+.I passwd | |
+is run on. | |
+.PP | |
+The program first prompts for the old Plan 9 password in the specified | |
+domain to establish | |
+identity. | |
+It then prompts for changes to the password and the | |
+secret. | |
+New passwords and secrets must be typed twice, to forestall mistakes. | |
+New passwords must be sufficiently hard to guess. | |
+They may be of any length greater than seven characters. | |
+.PP | |
+.I Netkey | |
+prompts for a password to encrypt network challenges. | |
+It is a substitute for a SecureNet box. | |
+.SH SOURCE | |
+.B \*9/src/cmd/netkey.c | |
+.br | |
+.B \*9/src/cmd/auth/passwd.c | |
+.SH "SEE ALSO" | |
+.IR encrypt (3) | |
+.PP | |
+Robert Morris and Ken Thompson, | |
+``UNIX Password Security,'' | |
+.I AT&T Bell Laboratories Technical Journal | |
+Vol 63 (1984), pp. 1649-1672 | |
diff --git a/man/man1/ssh-agent.1 b/man/man1/ssh-agent.1 | |
t@@ -0,0 +1,137 @@ | |
+.TH SSH-AGENT 1 | |
+.SH NAME | |
+ssh-agent \- SSH authentication agent | |
+.SH SYNOPSIS | |
+.B ssh-agent | |
+[ | |
+.B -l | |
+] | |
+.I factotum-service | |
+.SH DESCRIPTION | |
+.I Ssh-agent | |
+presents | |
+.IR factotum (4) | |
+using the interface that | |
+.IR ssh (1) | |
+requires. | |
+.PP | |
+Once | |
+.I ssh-agent | |
+and | |
+.I factotum | |
+are running, the standard Unix SSH client | |
+can use | |
+.I ssh-agent | |
+(and, indirectly, | |
+.IR factotum ) | |
+to authenticate to remote systems using RSA or DSA keys. | |
+.PP | |
+.I Ssh | |
+accesses | |
+.I ssh-agent | |
+via a Unix socket posted in a private subdirectory of | |
+.B /tmp . | |
+.I Ssh | |
+expects this socket to be in the environment as | |
+.BR $SSH_AGENT_SOCK , | |
+and expects the agent to be running with process id | |
+.BR $SSH_AGENT_PID . | |
+.I Ssh-agent | |
+prints shell commands to set these two variables | |
+before forking itself into the background. | |
+It is typically invoked inside a shell | |
+.B eval | |
+construct; see the examples below. | |
+The | |
+.B -e | |
+option causes | |
+.I ssh-agent | |
+to include | |
+.B export | |
+commands to put the variables into the environment of future programs. | |
+.PP | |
+If the | |
+.B -l | |
+option is given, | |
+.I ssh-agent | |
+lists the usable | |
+.I factotum | |
+keys in the standard SSH format, suitable for creating an | |
+.B authorized_keys | |
+file. | |
+.PP | |
+.I Ssh-agent | |
+connects to | |
+.I factotum | |
+by accessing | |
+.I factotum-service | |
+(default | |
+.RB ` factotum ') | |
+in the current name space. | |
+.PP | |
+There is a Unix program called | |
+.I ssh-agent | |
+that manages SSH keys itself. | |
+Invoke this one with | |
+.B 9 | |
+.BR ssh-agent ; | |
+see | |
+.IR 9 (1). | |
+.SH EXAMPLES | |
+Assume | |
+.IR factotum (4) | |
+is already running and initialized with keys. | |
+.PP | |
+Start a new agent, copying the commands by hand: | |
+.IP | |
+.EX | |
+$ 9 ssh-agent -e | |
+SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233; | |
+export SSH_AUTH_SOCK; | |
+SSH_AGENT_PID=4233; | |
+export SSH_AGENT_PID; | |
+$ SSH_AUTH_SOCK=/tmp/ssh-405795003d7ee27a/agent.4233; | |
+$ export SSH_AUTH_SOCK; | |
+$ SSH_AGENT_PID=4233; | |
+$ export SSH_AGENT_PID; | |
+$ | |
+.EE | |
+.PP | |
+Start the agent from | |
+.IR sh (1): | |
+.IP | |
+.EX | |
+$ eval `9 ssh-agent -e` | |
+$ | |
+.EE | |
+.PP | |
+Start the agent from | |
+.IR rc (1): | |
+.IP | |
+.EX | |
+% eval `{9 ssh-agent} | |
+% | |
+.EE | |
+.PP | |
+Use the agent to connect to a remote system: | |
+.IP | |
+.EX | |
+% ssh tux | |
+tux% ^D | |
+% | |
+.EE | |
+.SH SOURCE | |
+.B \*9/src/cmd/auth/ssh-agent.c | |
+.SH SEE ALSO | |
+.IR ssh (1), | |
+.IR rsa (1), | |
+.IR factotum (4) | |
+.SH BUGS | |
+A surprise rather than a bug: | |
+.I ssh-agent | |
+connects to factotum on demand, so it can be | |
+started before | |
+.I factotum | |
+is running and need not be restarted just because | |
+.I factotum | |
+is. |