SECSTORE(8) SECSTORE(8) NAME secstored, secuser - secstore commands SYNOPSIS auth/secstored [-R] [ -S servername ] [ -s address ] [ -x network ] [ -v ] auth/secuser [ -v ] username DESCRIPTION Secstored serves requests from secstore(1). By default it listens on port tcp!*!5356; the -s option specifies an alternative address. In the connection protocol, secstored describes itself as service secstore, but the -S option can specify a different servername. The -R option supplements the password check with a call to a RADIUS server, for checking hardware tokens or other validation. The -x option specifies an alternative network to the default /net. By default, secstored puts itself into the background; the -v option enables a verbose debugging mode that suppresses that. Secuser is an administrative command that runs on the sec- store machine, normally the authserver, to create new accounts and to change status on existing accounts. It prompts for account information such as password and expira- tion date, writing to /adm/secstore/who/user for a given secstore user. The directory /adm/secstore should be created mode 770 with owner or group allowing access to the user that runs secstored. The -v option makes the command chat- tier. By default, secstored warns the client if no account exists. If you prefer to obscure this information, use secuser to create an account FICTITIOUS. FILES /adm/secstore/who/user secstore account name, expiration date, verifier /adm/secstore/store/user/ user 's file storage /lib/ndb/auth for mapping local userid to RADIUS userid /sys/log/secstore log file (if it does not exist, secstored logs to /dev/cons) SOURCE /sys/src/cmd/auth/secstore SEE ALSO secstore(1) Page 1 Plan 9 (printed 12/21/24)