logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

aespasswd - Used to create and manage an AES keyfile.

Acknowledgments

       This material is based in part on work supported by the National Science Foundation (NSF) under Grant No.
       ANI-0314723.  Any  opinions,  findings  and conclusions or recommendations expressed in this material are
       those of the author(s) and do not necessarily reflect the views of the NSF.

                                                   2004 Feb 8                                       aespasswd(1)

Description

aespasswd is used to create and manage files that hold identity/key pairs. It is primarily used to manage
       the bwctld.keys file for bwctld and the owampd.keys file for owampd.

       If  the -d option is not specified, then aespasswd prompts the caller for a passphrase. The passphrase is
       hashed using an internal MD5 algorithm to generate a key that is then saved  in  the  keyfile  associated
       with  the  given  identity.  If  the  given  identity  already exists in the keyfile, the previous key is
       overwritten with the new one.

       keyfiles generated by aespasswd are formatted for use with BWCTL and OWAMP.

Examples

aespasswd-f/etc/bwctl/bwctld.keystestuser

              Adds a key for the identity testuser. The user is prompted for a passphrase. If the file does  not
              exist, an error message will be printed and no action will be taken.

       aespasswd-f/etc/bwctl/bwctld.keys-ntestuser

              Creates the file before doing the same as above. If the file already exists, an error message will
              be printed and no action will be taken.

       aespasswd-f/etc/bwctl/bwctld.keys-dtestuser

              Deletes the identity testuser from the keyfile.  If the file does not exist, an error message will
              be printed and no action will be taken.

Keyfile Format

aespasswd generates lines of the format:

       test 54b0c58c7ce9f2a8b551351102ee0938

       An identity, followed by whitespace, followed by a hex encoded 128-bit number, that  is  suitable  to  be
       used as a symmetric AES key.

       No  other text is allowed on these lines; however, comment lines may be added. Comment lines are any line
       where the first non-white space character is '#'.

Name

       aespasswd - Used to create and manage an AES keyfile.

Options

-n     Create the keyfile

       -d     Delete given identity from keyfile

       -fkeyfile
              Specifies file that holds identity/key pairs

Restrictions

identity names are restricted to 16 characters, and passphrases are limited to 1024 characters.

Security Considerations

       The  keys in the keyfile are not encrypted in any way. The security of these keys is completely dependent
       upon the security of the system and the discretion of the system administrator.

See Also

owping(1),   owampd(1),   bwctl(1),    bwctld(1)    and    the    http://e2epi.internet2.edu/owamp    and
       http://e2epi.internet2.edu/bwctl web sites.

Synopsis

aespasswd [-n] [-d] -fkeyfileidentity

See Also