Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > K


HP-UX 11i Version 3: February 2007

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index


keylogin — decrypt and store secret key with keyserv


/usr/bin/keylogin [ -r ]


The keylogin command prompts for a password, and uses it to decrypt the user's secret key. The key may be found in the /etc/publickey file (see publickey(4)), the NIS map publickey.byname or user/host entries in the LDAP directory in the user's home domain. The sources and their lookup order are specified in the /etc/nsswitch.conf file (see nsswitch.conf(4)).

Once decrypted, the user's secret key is stored by the local key server process, keyserv. This stored key is used when issuing requests to any secure RPC services, such as NFS. The program keylogout can be used to delete the key stored by keyserv.

keylogin will fail if it cannot get the caller's key, or the password given is incorrect. For a new user or host, a new key can be added using newkey.



Update the /etc/.rootkey file. This file holds the unencrypted secret key of the superuser.

Only the superuser may use this option. It is used so that processes running as superuser can issue authenticated requests without requiring that the administrator explicitly run keylogin as superuser at system startup time (see keyserv(1M)).

The -r option should be used by the administrator when the host's entry in the publickey database has changed, and the /etc/.rootkey file has become out-of-date with respect to the actual key pair stored in the publickey database.

The permissions on the /etc/.rootkey file are such that it may be read and written by the superuser but by no other user on the system.


HP-UX 11i Version 2 is the last HP-UX release on which NIS+ is supported. LDAP is the recommended replacement for NIS+. HP fully supports the industry standard naming services based on LDAP.


keylogin was developed by Sun Microsystems, Inc.



Superuser's secret key


chkey(1), keylogout(1), login(1), keyserv(1M), newkey(1M), publickey(4), nsswitch.conf(4).

LDAP-UX Client Services Administrator's Guide

LDAP-UX Client Services Release Notes

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.