aescbc, ipso, secstore – secstore commands|
auth/secstore [ –cinv ] [ –(g|G) getfile ] [ –p putfile ] [ –r rmfile
] [ –s server ] [ –u user ] |
auth/aescbc –e [ –in ] <cleartext >ciphertext
ipso [ –a –e –l –f –s ] [ file ... ]
Secstore authenticates to a secure–store server using a password
and optionally a hardware token, then saves or retrieves a file.
This is intended to be a credentials store (public/private keypairs,
passwords, and other secrets) for a factotum. |
Option –c prompts for a password change.
Option –g retrieves a file to the local directory; option –G writes it to standard output instead. Specifying getfile of . will send to standard output a list of remote files with dates, lengths and SHA1 hashes.
Option –i says that the password should be read from standard input instead of from /dev/cons.
Option –n says that the password should be read from NVRAM (see authsrv(2)) instead of from /dev/cons.
Option –p stores a file on the secstore.
Option –r removes a file from the secstore.
Option –s sets the dial string of the secstore(8) server. The default is contained in the $secstore environment variable. If the –s option is absent and $secstore is empty, secstore(1) will attempt to dial tcp!$auth!secstore.
Option –u access the secure–store files belonging to user.
Option –v produces more verbose output, in particular providing a few bits of feedback to help the user detect mistyping.
For example, to add a secret to the file read by factotum(4) at startup, open a new window, type
The ipso command packages this sequence into a convenient script to simplify editing of files stored on a secure store. It copies the named files into a local ramfs(4) and invokes acme(1) on them. When the editor exits, ipso prompts the user to confirm copying modifed or newly created files back to secstore. If no file is mentioned, ipso grabs all the user's files from secstore for editing.
By default, ipso will edit the secstore files and, if one of them is named factotum, flush current keys from factotum and load the new ones from the file. If the –e, –f, or –l options are given, ipso will just perform only the requested operations, i.e., edit, flush, and/or load.
The –s option of ipso invokes sam(1) as the editor insted of acme; the –a option provides a similar service for files encrypted by aescbc (q.v.). With the –a option, the full rooted pathname of the file must be specified and all files must be encrypted with the same key. Also with –a, newly created files are ignored.
Aescbc encrypts (under –e) and decrypts (under –d) using AES (Rijndael)
in cipher block chaining (CBC) mode. Options i and n are as per
secstore, except that i reads from file descriptor 3.
Secstore sets error status on failure but will not print an error
message when reading NVRAM or dialing the secstore server fails
unless the –v flag is specified.|
There is deliberately no backup of files on the secstore, so –r
(or a disk crash) is irrevocable. You are advised to store important
secrets in a second location. |
When using ipso, secrets will appear as plain text in the editor
window, so use the command in private.