NAME

	secstored, secuser – secstore commands

SYNOPSIS

	secstored [-R] [-S servername] [-s tcp!*!5356] [-x mountpoint] secuser [-v] username

DESCRIPTION

Secstored serves requests from secstore(1). The −R option supplements the password check with a call to a RADIUS server, for checking hardware tokens or other validation. The −xmountpoint option specifies an alternative to the default network /net. Secuser is an administrative command that runs on the secstore machine, normally the authserver, to create new accounts and to change status on existing accounts. It prompts for account information such as password and expiration date, writing to /home/opt/plan9port/secstore/who/$uid. The /home/opt/plan9port/secstore directory should be created mode 770 for the userid or groupid of the secstored process. By default, secstored warns the client if no account exists. If you prefer to obscure this information, use secuser to create an account FICTITIOUS.

FILES

	/home/opt/plan9port/secstore/who/$uid secstore account name, expiration date, verifier /home/opt/plan9port/secstore/store/$uid/ users’ files /home/opt/plan9port/ndb/auth for mapping local userid to RADIUS userid

SOURCE

	/home/opt/plan9port/src/cmd/auth/secstore

SEE ALSO

	secstore(1)