Internet2

Bandwidth Test Controller (BWCTL)

About    |    Downloads      |     Manual Pages     |     Cookbook (PDF)    |    License

bwctld.keys(5)							bwctld.keys(5)



NAME
       bwctld.keys - Bandwidth Control Daemon AES keyfile database

DESCRIPTION
       The bwctld.keys file is used to hold the identity/AES keys pairs needed
       for bwctld to authenticate users. The format of this file is  described
       in  the	aespasswd(1)  manual  page.  The location of this file is con-
       trolled by the -c option to bwctld but it must be named bwctld.keys.

       bwctld uses symmetric AES keys for authentication. Therefore, the bwctl
       client will have to have access to the exact same AES key for authenti-
       cation by AES to work. Most likely,  the	 user  will  simply  know  the
       passphrase  that	 generated  the AES key in the first place.  Addition-
       ally, it is important that the system administrator and end user ensure
       the key is not compromised.

       If  the bwctl client is able to authenticate using the identity and AES
       key presented, bwctld will use the directives found in the  bwctld.lim-
       its file to map policy restrictions to this connection.

SECURITY CONSIDERATIONS
       The  keys  in  the  bwctld.keys	file are not encrypted in any way. The
       security of these keys is completely dependent upon the security of the
       system and the discretion of the system administrator.

RESTRICTIONS
       Identity names are restricted to 16 characters.

SEE ALSO
       aespasswd(1),	bwctl(1),   bwctld(8),	 bwctld.limits(5),   and   the
       http://software/bwctl/ web site.

ACKNOWLEDGMENTS
       This material is based in part on work supported by the	National  Sci-
       ence  Foundation (NSF) under Grant No. ANI-0314723. Any opinions, find-
       ings, and conclusions or recommendations expressed in this material are
       those  of the author(s) and do not necessarily reflect the views of the
       NSF.



				    $Date$			bwctld.keys(5)