sourCEntral - mobile manpages

pdf

pfstore

NAME

pfstore − Used to create and manage a pass-phrase store.

SYNOPSIS

pfstore [-n] [-d] -f pfsfile identity

OPTIONS

−n

Create the file

−d

Delete given identity from the store

−f pfsfile

Specifies file that holds identity/pass-phrase pairs

DESCRIPTION

pfstore is used to create and manage files that hold identity/pass-phrase pairs. It is primarily used to manage the owampd.pfs file for owampd.

If the −d option is not specified, then pfstore prompts the caller for a pass-phrase. The pass-phrase is hex-encoded and saved in the pfsfile with the associated identity. If the given identity already exists in the pfsfile, the previous pass-phrase is overwritten with the new one.

pfsfiles generated by pfstore are formatted for use with OWAMP.

PFSFILE FORMAT

pfstore generates lines of the format:

test 54b0c58c7ce9f2a8b551351102ee0938

An identity, followed by whitespace, followed by a variable-length hex-encoded pass-phrase.

No other text is allowed on these lines; however, comment lines may be added. Comment lines are any line where the first non-white space character is ’#’.

EXAMPLES

pfstore −f /etc/owampd/owampd.pfs testuser

Adds a pass-phrase for the identity testuser. The user is prompted for a pass-phrase. If the file does not exist, an error message will be printed and no action will be taken.

pfstore −f /etc/owampd/owampd.pfs −n testuser

Creates the file before doing the same as above. If the file already exists, an error message will be printed and no action will be taken.

pfstore −f /etc/owampd/owampd.pfs −d testuser

Deletes the identity testuser from the pfsfile. If the file does not exist, an error message will be printed and no action will be taken.

SECURITY CONSIDERATIONS

The pass-phrases in the pfsfile are not encrypted in any way; they are simply hex-encoded. The security of these pass-phrases is completely dependent upon the security of the filesystem and the discretion of the system administrator.

RESTRICTIONS

identity names are restricted to 80 characters.

SEE ALSO

owping(1), owampd(1), owampd(1) and the http://e2epi.internet2.edu/owamp web site.

ACKNOWLEDGMENTS

This material is based, in part, on work supported by the National Science Foundation (NSF) under Grant No. ANI-0314723. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF.

pdf