sc_auth.8   [plain text]


.\"Modified from man(1) of FreeBSD, the NetBSD mdoc.template, and mdoc.samples.
.\"See Also:
.\"man mdoc.samples for a complete listing of options
.\"man mdoc for the short list of editing options
.\"/usr/share/misc/mdoc.template
.Dd December 11, 2006       \" DATE 
.Dt sc_auth 8       \" Program name and manual section number 
.Os MacOSX
.Sh NAME                 \" Section Header - required - don't modify 
.Nm sc_auth
.\" The following lines are read in generating the apropos(man -k) database. Use only key
.\" words here as the database is built based on the words here and in the .ND line. 
.\" Use .Nm macro to designate other names for the documented program.
.Nd smart card authorization setup script
.Sh SYNOPSIS             \" Section Header - required - don't modify
.Nm
.Ar accept
.Op Fl v
.Op Fl u Ar user 
.Op Fl d Ar domain 
.Op Fl k Ar keyname
.Nm
.Ar accept
.Op Fl v
.Op Fl u Ar user 
.Op Fl d Ar domain 
.Fl h Ar hash
.Nm
.Ar remove
.Op Fl v
.Op Fl u Ar user 
.Op Fl d Ar domain 
.Nm
.Ar hash " "
.Op Fl k Ar keyname
.Nm
.Ar list " "
.Op Fl v
.Op Fl u Ar user
.Op Fl d Ar domain 
.Sh DESCRIPTION          \" Section Header - required - don't modify
.Nm
configures a local user account to permit authentication using a supported 
smart card.  Authentication is via asymmetric key (also known as 
public-key) encryption.  
.Nm
works with signing keys, but not encryption keys.  
.Pp
.Nm
can perform the following actions:
.Bl -tag -width -indent  \" Begins a tagged list 
.It Ar accept
Associate a user with a public key on a card.  The key to use can be 
specified either by its name or its hash.  
.It Ar remove
Remove all public keys associated with a user.  
.It Ar hash
Print the hashes for all keys on all inserted cards.  
.It Ar list
List all public keys associated with a user.  
.El                      \" Ends the list
.Pp
.Sh OPTIONS
.Bl -tag -width -indent  \" Differs from above in tag removed 
.It Fl u Ar user
Specifies the user whose account is to be modified
.It Fl d Ar domain
Specifies the directory domain containing the user account
.It Fl k Ar keyname
Specifies a public key by its name
.It Fl h Ar hash
Specifies a public key by its hash
.It Fl v
Verbose mode
.El                      \" Ends the list
.Sh NOTES
.Nm
is a shell script.  It is intended to be modified by administrators to 
suit their local environments.  
.Pp
.Nm
is only known to work with a local directory.  Consult the script's source
for some limited guidance to using remote directories.  
.Sh BUGS
.Nm
.Ar hash
might display the hashes of encryption keys as well as signing keys, even
though 
.Nm
.Ar accept
does not work with encryption keys.