Chapter 9. Managing Server Encryption Keys

Table of Contents

Summary of Instructions
About Server Encryption Keys
Keys and Mutual Authentication: A Review
Maintaining AFS Server Encryption Keys
Displaying Server Encryption Keys
To display the KeyFile file
To display the afs key from the Authentication Database
Adding Server Encryption Keys
To add a new server encryption key
Removing Server Encryption Keys
To remove a key from the KeyFile file
Handling Server Encryption Key Emergencies
Prevent Mutual Authentication
Disable Authorization Checking by Hand
Work Quickly on Each Machine
Work at the Console
Change Individual KeyFile Files
Two Component Procedures
To create a new server encryption key in emergencies

This chapter explains how to maintain your cell's server encryption keys, which are vital for secure communications in AFS.

Summary of Instructions

This chapter explains how to perform the following tasks by using the indicated commands:

Add a new server encryption keybos addkey and kas setpassword
Inspect key checksums in the Authentication Databasekas examine
Inspect key checksums in the KeyFilebos listkeys
Remove an old server encryption keybos removekey