|
|
Secure RPC is a security protocol, based on DES encryption, built into the RPC software. Remote programs that use Secure RPC expect client users to have a public/secret key entry in a shared master /etc/publickey file. Access to Secure RPC programs is controlled by the keyserv daemon which accesses the /etc/publickey file when users invoke keylogin. One /etc/publickey database exists for each Secure RPC domain.
Secure RPC users must be given entries in /etc/publickey by the RPC administrator before they can use Secure RPC programs.
In addition, the administrator of every client machine should edit /etc/profile to remove the comment character that has commented out the keylogin command; in this way, keylogin will be invoked for each user at login time. Thereafter Secure RPC commands and programs can be used in the same way ordinary commands and programs are used.
One of the Secure RPC commands, chkey, allows users to change their Secure RPC passwords.
The .profile files of Secure RPC users should be set up to call keylogout(1bnu) automatically at the end of a terminal session. For example:
# .profile code fragment trap "keylogout" 0
(See sh(1) for details on use of trap for executing commands at the end of a terminal session.)