Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎


     newkey - create a new Diffie-Hellman key pair  in  the  pub-
     lickey database

     newkey -h hostname [-s nisplus | nis | files | ldap]

     newkey -u username [-s nisplus | nis | files | ldap]

     newkey establishes new public keys for users and machines on
     the  network. These keys are needed when using secure RPC or
     secure NFS service.

     newkey prompts for a password  for  the  given  username  or
     hostname and then creates a new public/secret Diffie-Hellman
     192 bit key pair for the user or host.  The  secret  key  is
     encrypted  with  the  given  password.  The  key pair can be
     stored in the /etc/publickey file, the NIS publickey map, or
     the NIS+ cred.org_dir table.

     newkey consults the publickey  entry  in  the  name  service
     switch  configuration  file (see nsswitch.conf(4)) to deter-
     mine which naming service is used to store  the  secure  RPC
     keys.  If  the  publickey entry specifies a unique name ser-
     vice, newkey will add the key in the specified name service.
     However,  if there are multiple name services listed, newkey
     cannot decide which source to update  and  will  display  an
     error  message.  The  user is required to specify the source
     explicitly with the -s option.

     In the case of NIS, newkey should be run by the superuser on
     the  master NIS server for that domain. In the case of NIS+,
     newkey should be run by the superuser on a machine which has
     permission  to  update  the  cred.org_dir  table  of the new
     user/host domain.

     In the case of NIS+, nisaddcred(1M) should be  used  to  add
     new  keys.  newkey  cannot be used to create keys other than
     192-bit Diffie-Hellman.

     In the case of LDAP, newkey should be run by  the  superuser
     on  a  machine  that also recognizes the directory manager's
     bind distinguished name (DN) and password to perform an LDAP
     update for the host.

     -h hostname     Create a new public/secret key pair for  the
                     privileged   user  at  the  given  hostname.
                     Prompts for a password for the  given  host-

     -u username     Create a new public/secret key pair for  the
                     given  username.  Prompts for a password for
                     the given username.

     -s nisplus      Update the database in the specified source:
     -s nis          nisplus (for NIS+), nis (for NIS), files, or
     -s files        ldap (LDAP). Other sources may be  available
     -s ldap         in the future.

     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWcsu                     |

     chkey(1),   keylogin(1),   nisaddcred(1M),    nisclient(1M),
     nsswitch.conf(4), publickey(4), attributes(5)

     NIS+ might not  be  supported  in  future  releases  of  the
     Solaris  operating  system.  Tools to aid the migration from
     NIS+ to LDAP are available in the current  Solaris  release.
     For            more            information,            visit

Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.