MAN.9FRONT.ORG RTFM


     SECSTORE(8)                                           SECSTORE(8)

     NAME
          secstored, secuser - secstore commands

     SYNOPSIS
          auth/secstored [-R] [ -S servername ] [ -s address ] [ -x
          network ] [ -v ]

          auth/secuser [ -v ] username

     DESCRIPTION
          Secstored serves requests from secstore(1). By default it
          listens on port tcp!*!5356; the -s option specifies an
          alternative address. In the connection protocol, secstored
          describes itself as service secstore, but the -S option can
          specify a different servername. The -R option supplements
          the password check with a call to a RADIUS server, for
          checking hardware tokens or other validation.  The -x option
          specifies an alternative network to the default /net.  By
          default, secstored puts itself into the background; the -v
          option enables a verbose debugging mode that suppresses
          that.

          Secuser is an administrative command that runs on the sec-
          store machine, normally the authserver, to create new
          accounts and to change status on existing accounts.  It
          prompts for account information such as password and expira-
          tion date, writing to /adm/secstore/who/user for a given
          secstore user. The directory /adm/secstore should be created
          mode 770 with owner or group allowing access to the user
          that runs secstored. The -v option makes the command chat-
          tier.

          By default, secstored warns the client if no account exists.
          If you prefer to obscure this information, use secuser to
          create an account FICTITIOUS.

     FILES
          /adm/secstore/who/user     secstore account name, expiration
                                     date, verifier
          /adm/secstore/store/user/  user 's file storage
          /lib/ndb/auth              for mapping local userid to
                                     RADIUS userid
          /sys/log/secstore          log file (if it does not exist,
                                     secstored logs to /dev/cons)

     SOURCE
          /sys/src/cmd/auth/secstore

     SEE ALSO
          secstore(1)