Hallo, dies ist ein Test.

PWD: /www/data-lst1/unixsoft/unixsoft/kaempfer/.public_html

Running in File Mode
Relative path: ./../../../../.././../usr/man/man8/wanboot_keygen.8
Real path: /usr/share/man/man8/wanboot_keygen.8
Zurück

'\" te
.\" Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
.TH wanboot_keygen 8 "02 Nov 2017" "Oracle Solaris 11.4" "System Administration Commands"
.SH NAME
wanboot_keygen \- create and display client and server keys for WAN booting
.SH SYNOPSIS

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-c\fR \fB-o\fR net=\fIa.b.c.d\fR ,cid=\fIclient_ID\fR,type=3des
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-c\fR \fB-o\fR net=\fIa.b.c.d\fR ,cid=\fIclient_ID\fR,type=aes
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-m\fR
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-c\fR \fB-o\fR net=\fIa.b.c.d\fR ,cid=\fIclient_ID\fR,type=sha1
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-d\fR \fB-m\fR
.fi

.LP
.nf
\fB/usr/lib/inet/wanboot/keygen\fR \fB-c\fR \fB-o\fR net=\fIa.b.c.d\fR ,cid=\fIclient_ID\fR,type=\fIkeytype\fR
.fi
.SH DESCRIPTION
.sp
.LP
The \fBkeygen\fR utility has three purposes:
.RS +4
.TP
.ie t \(bu
.el o
Using the \fB-c\fR flag, to generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys.

.RE
.RS +4
.TP
.ie t \(bu
.el o
Using the \fB-m\fR flag, to generate and store a "master" HMAC SHA-1 key for WAN install, and to derive from the master key per-client HMAC SHA-1 hashing keys, in a manner described in RFC 3118, Appendix A.

.RE
.RS +4
.TP
.ie t \(bu
.el o
Using the \fB-d\fR flag along with either the \fB-c\fR or \fB-m\fR flag to indicate the key repository, to display a key of type specified by \fIkeytype\fR, which must be one of \fB3des\fR, \fBaes\fR, or \fBsha1\fR.

.RE
.sp
.LP
The \fBnet\fR and \fBcid\fR arguments are used to identify a specific client. Both arguments are optional. If the \fBcid\fR option is not provided, the key being created or displayed will have a per-network scope. If the \fBnet\fR option is not provided, then the key will have a global scope. Default net and code values are used to derive an HMAC SHA-1 key if the values are not provided by the user.
.SH OPTIONS
.sp
.LP
The following options are supported:
.sp
.ne 2
.mk
.na
\fB\fB-c\fR\fR
.ad
.RS 6n
.rt
Generate and store per-client 3DES/AES encryption keys, avoiding any DES weak keys. Also generates and stores per-client HMAC SHA-1 keys. Used in conjunction with \fB-o\fR.
.RE

.sp
.ne 2
.mk
.na
\fB\fB-d\fR\fR
.ad
.RS 6n
.rt
Display a key of type specified by \fIkeytype\fR, which must be one of \fB3des\fR, \fBaes\fR, or \fBsha1\fR. Use \fB-d\fR with \fB-m\fR or with \fB-c\fR and \fB-o\fR.
.RE

.sp
.ne 2
.mk
.na
\fB\fB-m\fR\fR
.ad
.RS 6n
.rt
Generate and store a "master" HMAC SHA-1 key for WAN install.
.RE

.sp
.ne 2
.mk
.na
\fB\fB-o\fR\fR
.ad
.RS 6n
.rt
Specifies the WANboot client and/or keytype.
.RE

.SH EXAMPLES
.LP
\fBExample 1\fR Generate a Master HMAC SHA-1 Key

.sp
.in +2
.nf
# keygen -m
.fi
.in -2
.sp
.LP
\fBExample 2\fR Generate and Then Display a Client-Specific Master HMAC SHA-1 Key

.sp
.in +2
.nf
# keygen -c -o net=172.16.174.0,cid=010003BA0E6A36,type=sha1
# keygen -d -c -o net=172.16.174.0,cid=010003BA0E6A36,type=sha1
.fi
.in -2
.sp
.LP
\fBExample 3\fR Generate and Display a 3DES Key with a Per-Network Scope

.sp
.in +2
.nf
# keygen -c -o net=172.16.174.0,type=3des
# keygen -d -o net=172.16.174.0,type=3des
.fi
.in -2
.sp
.SH EXIT STATUS
.sp
.ne 2
.mk
.na
\fB\fB0\fR\fR
.ad
.RS 6n
.rt
Successful operation.
.RE

.sp
.ne 2
.mk
.na
\fB\fB>0\fR\fR
.ad
.RS 6n
.rt
An error occurred.
.RE

.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(7) for descriptions of the following attributes:
.sp
.TS
tab(
) box;
cw(2.75i) |cw(2.75i) 
lw(2.75i) |lw(2.75i) 
.
ATTRIBUTE TYPE
ATTRIBUTE VALUE
_
Availability
system/boot/wanboot
_
Interface Stability
Obsolete
.TE
.sp
.SH SEE ALSO
.sp
.LP
\fBattributes\fR(7)