checkpoint

man/man1/secstore.html

@@ -0,0 +1,145 @@
+<head>
+<title>secstore(1) - Plan 9 from User Space</title>
+<meta content="text/html; charset=utf-8" http-equiv=Content-Type>
+</head>
+<body bgcolor=#ffffff>
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=10><td>
+<tr><td width=20><td>
+<tr><td width=20><td><b>SECSTORE(1)</b><td align=right><b>SECSTORE(1)</b>
+<tr><td width=20><td colspan=2>
+    <br>
+<p><font size=+1><b>NAME     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    aescbc, secstore, ipso &ndash; secstore commands<br>
+    
+</table>
+<p><font size=+1><b>SYNOPSIS     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    <tt><font size=+1>secstore</font></tt> [ <tt><font size=+1>&#8722;s</font></tt> <i>server</i> ] [ <tt><font size=+1>&#8722;(g|G)</font></tt> <i>getfile</i> ] [ <tt><font size=+1>&#8722;p</font></tt> <i>putfile</i> ] [ <tt><font size=+1>&#8722;r</font></tt>
+    <i>rmfile</i> ] [ <tt><font size=+1>&#8722;c</font></tt> ] [ <tt><font size=+1>&#8722;u</font></tt> <i>user</i> ] [ <tt><font size=+1>&#8722;v</font></tt> ] [ <tt><font size=+1>&#8722;i</font></tt> ] 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    <tt><font size=+1>aescbc</font></tt> -e <i>&lt;cleartext &gt;ciphertext<br>
+    </i><tt><font size=+1>aescbc</font></tt> -d <i>&lt;ciphertext &gt;cleartext 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    </i>
+    <tt><font size=+1>ipso</font></tt> [ <tt><font size=+1>&#8722;a &#8722;e &#8722;l &#8722;f &#8722;s</font></tt> ] [ <i>file</i> ... ] 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    
+</table>
+<p><font size=+1><b>DESCRIPTION     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    <i>Secstore</i> authenticates to the server using a password and optionally
+    a hardware token, then saves or retrieves a file. This is intended
+    to be a credentials store (public/private keypairs, passwords,
+    and other secrets) for a factotum. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;p</font></tt> stores a file on the secstore. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;g</font></tt> retrieves a file to the local directory; option <tt><font size=+1>&#8722;G</font></tt> writes
+    it to standard output instead. Specifying <i>getfile</i> of . will send
+    to standard output a list of remote files with dates, lengths
+    and SHA1 hashes. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;r</font></tt> removes a file from the secstore. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;c</font></tt> prompts for a password change. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;v</font></tt> produces more verbose output, in particular providing
+    a few bits of feedback to help the user detect mistyping. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;i</font></tt> says that the password should be read from standard
+    input instead of from <tt><font size=+1>/dev/cons</font></tt>. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Option <tt><font size=+1>&#8722;n</font></tt> says that the password should be read from NVRAM instead
+    of from <tt><font size=+1>/dev/cons</font></tt>. This option is unsupported. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    The server is <tt><font size=+1>tcp!$auth!5356</font></tt>, or the server specified by option
+    <tt><font size=+1>&#8722;s</font></tt>. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    For example, to add a secret to the file read by <a href="../man4/factotum.html"><i>factotum</i>(4)</a> at
+    startup, open a new window, type<br>
+     
+    <table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+        <tt><font size=+1>% ramfs &#8722;p; cd /tmp<br>
+         % auth/secstore &#8722;g factotum<br>
+         secstore password:<br>
+         % echo 'key proto=apop dom=x.com user=ehg !password=hi' &gt;&gt; factotum<br>
+         % auth/secstore &#8722;p factotum<br>
+         secstore password:<br>
+         % read &#8722;m factotum &gt; /mnt/factotum/ctl<br>
+        
+        <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+        </font></tt>
+        
+    </table>
+    and delete the window. The first line creates an ephemeral memory-resident
+    workspace, invisible to others and automatically removed when
+    the window is deleted. The next three commands fetch the persistent
+    copy of the secrets, append a new secret, and save the updated
+    file back to secstore. The final command
+    loads the new secret into the running factotum. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    <i>Aescbc</i> encrypts and decrypts using AES (Rijndael) in cipher block
+    chaining (CBC) mode.<br>
+    
+</table>
+<p><font size=+1><b>SOURCE     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    <tt><font size=+1>/usr/local/plan9/src/cmd/secstore<br>
+    </font></tt>
+</table>
+<p><font size=+1><b>SEE ALSO    </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    <a href="../man4/factotum.html"><i>factotum</i>(4)</a>, Plan 9&#8217;s <i>secstore</i>(8)<br>
+    
+</table>
+<p><font size=+1><b>BUGS     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    There is deliberately no backup of files on the secstore, so <tt><font size=+1>&#8722;r</font></tt>
+    (or a disk crash) is irrevocable. You are advised to store important
+    secrets in a second location.<br>
+    
+</table>
+
+<td width=20>
+<tr height=20><td>
+</table>
+<!-- TRAILER -->
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=15><td width=10><td><td width=10>
+<tr><td><td>
+<center>
+<a href="../../"><img src="../../dist/spaceglenda100.png" alt="Space Glenda" border=1></a>
+</center>
+</table>
+<!-- TRAILER -->
+</body></html>