
SECSTORE(1)

NAME

aescbc, ipso, secstore - secstore commands

SYNOPSIS

auth/secstore [ -s server ] [ -(g|G) getfile ] [ -p putfile ] [ -r rmfile ] [ -c ] [ -u user ] [ -v ] [ -i ]

auth/aescbc -e <cleartext >ciphertext
auth/aescbc -d <ciphertext >cleartext

ipso [ -a -e -l -f -s ] [ file ... ]

DESCRIPTION

Secstore authenticates to the server using a password and optionally a hardware token, then saves or retrieves a file.  This is intended to be a credentials store (public/private keypairs, passwords, and other secrets) for a factotum.

Option -p stores a file on the secstore.

Option -g retrieves a file to the local directory; option -G writes it to standard output instead.  Specifying getfile of . will send to standard output a list of remote files with dates, lengths and SHA1 hashes.

Option -r removes a file from the secstore.

Option -c prompts for a password change.

Option -v produces more verbose output, in particular providing a few bits of feedback to help the user detect mistyping.

Option -i says that the password should be read from standard input instead of from /dev/cons.

Option -n says that the password should be read from NVRAM (see authsrv(2)) instead of from /dev/cons.

The server is tcp!$auth!secstore, or the server specified by option -s. 

For example, to add a secret to the file read by factotum(4) at startup, open a new window, type

  % ramfs -p; cd /tmp
  % auth/secstore -g factotum
  secstore password:
  % echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum
  % auth/secstore -p factotum
  secstore password:
  % read -m factotum > /mnt/factotum/ctl

and delete the window.  The first line creates an ephemeral memory-resident workspace, invisible to others and automatically removed when the window is deleted.  The next three commands fetch the persistent copy of the secrets, append a new secret, and save the updated file back to secstore.  The final command loads the new secret into the running factotum. 

The ipso command packages this sequence into a convenient script to simplify editing of files stored on a secure store.  It copies the named files into a local ramfs(4) and invokes acme(1) on them.  When the editor exits, ipso prompts the user to confirm copying modified or newly created files back to secstore.  If no file is mentioned, ipso grabs all the user's files from secstore for editing.

By default, ipso will edit the secstore files and, if one of them is named factotum, flush current keys from factotum and load the new ones from the file.  If the -e, -f, or -l options are given, ipso will perform only the requested operations, i.e., edit, flush, and/or load.

The -s option of ipso invokes sam(1) as the editor instead of acme; the -a option provides a similar service for files encrypted by aescbc (q.v.).  With the -a option, the full rooted pathname of the file must be specified and all files must be encrypted with the same key.  Also with -a, newly created files are ignored.
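The fetch, append, store and load sequence shown above, written as an rc script with the checks a careful user would want; this is an added example for this manual page, not part of the Plan 9 distribution or of the ipso script.  It assumes the key line is passed as the script's single argument, and it refuses to run secstore -p unless the fetch produced a non-empty file, since secstore keeps no backup (see BUGS).

```rc
#!/bin/rc
# addsecret: fetch the factotum file from secstore, append one key line,
# store it back and load it into the running factotum.
# Added example for this manual page; not part of the Plan 9 distribution.
# Usage: addsecret 'key proto=apop dom=x.com user=ehg !password=hi'
rfork en	# private namespace and environment: the /tmp below is ours alone
if(! ~ $#* 1) {
	echo 'usage: addsecret keyline' >[1=2]
	exit usage
}
keyline=$1
ramfs -p	# memory-resident workspace, invisible to other processes
cd /tmp
# Never run -p on a file we did not successfully fetch: secstore keeps no
# backup, so storing an empty or partial file would destroy the other keys.
if(! auth/secstore -g factotum) {
	echo 'addsecret: fetch failed; secstore unchanged' >[1=2]
	exit fetch
}
if(! test -s factotum) {
	echo 'addsecret: fetched file is empty; refusing to overwrite the store' >[1=2]
	exit empty
}
# Skip a key that is already present (plain regexp match on the whole line).
if(grep -s '^'^$keyline^'$' factotum) {
	echo 'addsecret: key already present; secstore unchanged' >[1=2]
	exit dup
}
echo $keyline >> factotum
if(! auth/secstore -p factotum) {
	echo 'addsecret: store failed; inspect /tmp/factotum before retrying' >[1=2]
	exit put
}
read -m factotum > /mnt/factotum/ctl	# load the new key into factotum
```

As in the interactive sequence, secstore asks for the password twice, once for -g and once for -p.  If the store holds no factotum file yet, the script stops rather than creating one; make the first file by hand with the sequence above.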

Aescbc encrypts and decrypts using AES (Rijndael) in cipher block chaining (CBC) mode.

SOURCE

/rc/bin/ipso
/sys/src/cmd/auth/secstore

SEE ALSO

factotum(4), secstore(8)

BUGS

There is deliberately no backup of files on the secstore, so -r (or a disk crash) is irrevocable.  You are advised to store important secrets in a second location.

When using ipso, secrets will appear as plain text in the editor window, so use the command in private.

Plan 9  —  April 17, 2005
