Internet2
One-Way Ping (OWAMP)
About     |     Downloads      |     Manual Pages     |     Cookbook (PDF)     |     License

pfstore(1)                                                          pfstore(1)



NAME
       pfstore - Used to create and manage a pass-phrase store.

SYNOPSIS
       pfstore [-n] [-d] -f pfsfile identity

OPTIONS
       -n     Create the file

       -d     Delete given identity from the store

       -f pfsfile
              Specifies file that holds identity/pass-phrase pairs

DESCRIPTION
       pfstore  is  used  to  create and manage files that hold identity/pass-
       phrase pairs. It is primarily used to manage the  owampd.pfs  file  for
       owampd.

       If  the -d option is not specified, then pfstore prompts the caller for
       a pass-phrase. The pass-phrase is hex-encoded and saved in the  pfsfile
       with  the associated identity.  If the given identity already exists in
       the pfsfile, the previous pass-phrase is overwritten with the new  one.

       pfsfiles generated by pfstore are formatted for use with OWAMP.

PFSFILE FORMAT
       pfstore generates lines of the format:

       test 54b0c58c7ce9f2a8b551351102ee0938

       An identity, followed by whitespace, followed by a variable-length hex-
       encoded pass-phrase.

       No other text is allowed on these lines; however, comment lines may  be
       added. Comment lines are any line where the first non-white space char-
       acter is ’#’.

EXAMPLES
       pfstore -f /usr/local/etc/owampd.pfs testuser

              Adds a pass-phrase  for  the  identity  testuser.  The  user  is
              prompted for a pass-phrase. If the file does not exist, an error
              message will be printed and no action will be taken.

       pfstore -f /usr/local/etc/owampd.pfs -n testuser

              Creates the file before doing the same as  above.  If  the  file
              already  exists,  an error message will be printed and no action
              will be taken.

       pfstore -f /usr/local/etc/owampd.pfs -d testuser

              Deletes the identity testuser from the  pfsfile.   If  the  file
              does  not  exist, an error message will be printed and no action
              will be taken.


SECURITY CONSIDERATIONS
       The pass-phrases in the pfsfile are not encrypted in any way; they  are
       simply  hex-encoded.  The  security of these pass-phrases is completely
       dependent upon the security of the filesystem and the discretion of the
       system administrator.

RESTRICTIONS
       identity names are restricted to 80 characters.

SEE ALSO
       owping(1),         owampd(1),         owampd(1)         and         the
       http://e2epi.internet2.edu/owamp web site.

ACKNOWLEDGMENTS
       This material is based, in part, on work supported by the National Sci-
       ence  Foundation (NSF) under Grant No. ANI-0314723. Any opinions, find-
       ings, and conclusions or recommendations expressed in this material are
       those  of the author(s) and do not necessarily reflect the views of the
       NSF.



             $Date: 2007-02-01 14:51:00 -0500 (Thu, 01 Feb 2007) $  pfstore(1)