.\"Modified from man(1) of FreeBSD, the NetBSD mdoc.template, and mdoc.samples. .\"See Also: .\"man mdoc.samples for a complete listing of options .\"man mdoc for the short list of editing options .\"/usr/share/misc/mdoc.template .Dd December 11, 2006 \" DATE .Dt sc_auth 8 \" Program name and manual section number .Os MacOSX .Sh NAME \" Section Header - required - don't modify .Nm sc_auth .\" The following lines are read in generating the apropos(man -k) database. Use only key .\" words here as the database is built based on the words here and in the .ND line. .\" Use .Nm macro to designate other names for the documented program. .Nd smart card authorization setup script .Sh SYNOPSIS \" Section Header - required - don't modify .Nm .Ar accept .Op Fl v .Op Fl u Ar user .Op Fl d Ar domain .Op Fl k Ar keyname .Nm .Ar accept .Op Fl v .Op Fl u Ar user .Op Fl d Ar domain .Fl h Ar hash .Nm .Ar remove .Op Fl v .Op Fl u Ar user .Op Fl d Ar domain .Nm .Ar hash " " .Op Fl k Ar keyname .Nm .Ar list " " .Op Fl v .Op Fl u Ar user .Op Fl d Ar domain .Sh DESCRIPTION \" Section Header - required - don't modify .Nm configures a local user account to permit authentication using a supported smart card. Authentication is via asymmetric key (also known as public-key) encryption. .Nm works with signing keys, but not encryption keys. .Pp .Nm can perform the following actions: .Bl -tag -width -indent \" Begins a tagged list .It Ar accept Associate a user with a public key on a card. The key to use can be specified either by its name or its hash. .It Ar remove Remove all public keys associated with a user. .It Ar hash Print the hashes for all keys on all inserted cards. .It Ar list List all public keys associated with a user. .El \" Ends the list .Pp .Sh OPTIONS .Bl -tag -width -indent \" Differs from above in tag removed .It Fl u Ar user Specifies the user whose account is to be modified .It Fl d Ar domain Specifies the directory domain containing the user account .It Fl k Ar keyname Specifies a public key by its name .It Fl h Ar hash Specifies a public key by its hash .It Fl v Verbose mode .El \" Ends the list .Sh NOTES .Nm is a shell script. It is intended to be modified by administrators to suit their local environments. .Pp .Nm is only known to work with a local directory. Consult the script's source for some limited guidance to using remote directories. .Sh BUGS .Nm .Ar hash might display the hashes of encryption keys as well as signing keys, even though .Nm .Ar accept does not work with encryption keys.