aescbc, ipso, secstore – secstore commands
[ -in ]
[ -in ]
-a -e -l -f -s
Secstore authenticates to a secure-store server
using a password and optionally a hardware token,
then saves or retrieves a file.
This is intended to be a credentials store (public/private keypairs,
passwords, and other secrets) for a factotum.
prompts for a password change.
retrieves a file to the local directory;
writes it to standard output instead.
will send to standard output
a list of remote files with dates, lengths and SHA1 hashes.
says that the password should be read from standard input
instead of from
says that the password should be read from NVRAM
instead of from
stores a file on the secstore.
removes a file from the secstore.
sets the dial string of the secstore
server. The default is contained in the
environment variable. If the
option is absent and the variable is not set,
secstore will attempt to dial
access the secure-store files belonging to
produces more verbose output, in particular providing a few
bits of feedback to help the user detect mistyping.
For example, to add a secret to the file read by factotum
at startup, open a new window, type
% ramfs -p; cd /tmp
% auth/secstore -g factotum
% echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum
% auth/secstore -p factotum
% read -m factotum > /mnt/factotum/ctl
and delete the window.
The first line creates an ephemeral memory-resident workspace,
invisible to others and automatically removed when the window is deleted.
The next three commands fetch the persistent copy of the secrets,
append a new secret,
and save the updated file back to secstore.
The final command loads the new secret into the running factotum.
The ipso command packages this sequence into a convenient script to simplify editing of
files stored on a secure store.
It copies the named files into a local ramfs and runs an editor
on them. When the editor exits,
ipso prompts the user to confirm copying modified or newly created files back to
secstore. By default ipso grabs all the user's files from
secstore. Ipso will edit the
files and, if
one of them is named factotum,
flush current keys from factotum and load
the new ones from the file.
When the -e, -f, or -l options are given,
ipso will perform only the requested operations, i.e.,
edit, flush, and/or load.
The -s option uses a different program as the editor instead of the default.
The -a option provides a similar service for files encrypted by
aescbc. With this option, the full rooted pathname of each file
must be specified and all files
must be encrypted with the same key. Also,
newly created files are ignored.
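The ipso workflow described above, sketched as an rc script. This is an added illustration, not the ipso script shipped with the system; it assumes acme as the editor, handles only the files named on the command line, and assumes that writing delkey with no attributes to factotum's ctl file flushes every key.

```rc
#!/bin/rc
# Added sketch of the ipso workflow (not the real ipso script).
# Assumptions: acme is the editor, only the named files are handled,
# and 'delkey' with no attributes flushes all keys from factotum.
if(~ $#* 0){
	echo 'usage: ipso-sketch file ...' >[1=2]
	exit usage
}
files=$*
# private, memory-resident workspace that vanishes with this window
ramfs -p
cd /tmp
# fetch the persistent copies from secstore
for(f in $files){
	auth/secstore -g $f
}
# remember each file's SHA1 so unchanged files are never written back
for(f in $files){
	sha1sum $f > $f^.sha1
}
acme $files
# offer to copy back only the files the editor actually changed
for(f in $files){
	if(! cmp -s <{sha1sum $f} $f^.sha1){
		echo -n 'copy '^$f^' back to secstore? [y/n] '
		if(~ `{read} y*){
			auth/secstore -p $f
		}
	}
}
# an edited factotum file replaces the keys in the running factotum
if(~ $files factotum){
	echo delkey > /mnt/factotum/ctl
	read -m factotum > /mnt/factotum/ctl
}
```

The plaintext secrets live only in the ramfs, so delete the window when the script finishes.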
Aescbc encrypts and decrypts
using AES (Rijndael) in cipher block chaining (CBC) mode.
Options -i and -n are as per secstore; with aescbc, -in
reads from file descriptor 3.
Secstore sets error status on failure but will not print an error
message when reading NVRAM or dialing the secstore server fails
unless the verbose flag is specified.
There is deliberately no backup of files on the secstore, so removing a file
(or a disk crash) is irrevocable. You are advised to store
important secrets in a second location.
With ipso, secrets will appear as plain text in the editor window,
so use the command in private.