SECSTORE(1)                 General Commands Manual                SECSTORE(1)



NAME
       aescbc, ipso, secstore - secstore commands

SYNOPSIS
       auth/secstore [ -cinv ] [ -(g|G) getfile ] [ -p putfile ] [ -r rmfile ]
       [ -s server ] [ -u user ]

       auth/aescbc -e [ -in ] <cleartext >ciphertext
       auth/aescbc -d [ -in ] <ciphertext >cleartext

       ipso [ -a -e -l -f -s ] [ file ...  ]

DESCRIPTION
       Secstore authenticates to a secure-store server using  a  password  and
       optionally  a  hardware token, then saves or retrieves a file.  This is
       intended to be a credentials store (public/private keypairs, passwords,
       and other secrets) for a factotum.

       Option -c prompts for a password change.

       Option  -g retrieves a file to the local directory; option -G writes it
       to standard output instead.  Specifying getfile of will send  to  stan‐
       dard output a list of remote files with dates, lengths and SHA1 hashes.

       Option -i says that the password should be read from standard input in‐
       stead of from /dev/cons.

       Option -n says that the password should be read from NVRAM  (see  auth‐
       srv(2)) instead of from /dev/cons.

       Option -p stores a file on the secstore.

       Option -r removes a file from the secstore.

       Option  -s  sets the dial string of the secstore(8) server. The default
       is contained in the $secstore environment variable. If the -s option is
       absent  and  $secstore  is  empty,  secstore(1)  will  attempt  to dial
       tcp!$auth!secstore.

       Option -u accesses the secure-store files belonging to user.

       Option -v produces more verbose output, in particular providing  a  few
       bits of feedback to help the user detect mistyping.

       For  example,  to  add  a  secret  to  the  file read by factotum(4) at
       startup, open a new window, type

         % ramfs -p; cd /tmp
         % auth/secstore -g factotum
         secstore password:
         % echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum
         % auth/secstore -p factotum
         secstore password:
         % read -m factotum > /mnt/factotum/ctl

       and delete the window.  The first line creates an ephemeral memory-res‐
       ident workspace, invisible to others and automatically removed when the
       window is deleted.  The next three commands fetch the  persistent  copy
       of  the secrets, append a new secret, and save the updated file back to
       secstore.  The final command loads the new secret into the running fac‐
       totum.

       The  ipso  command  packages  this sequence into a convenient script to
       simplify editing of files stored on a  secure  store.   It  copies  the
       named  files  into  a local ramfs(4) and invokes acme(1) on them.  When
       the editor exits, ipso prompts the user to confirm copying modified  or
       newly  created  files  back to secstore.  If no file is mentioned, ipso
       grabs all the user's files from secstore for editing.

       By default, ipso will edit the secstore files and, if one  of  them  is
       named  factotum, flush current keys from factotum and load the new ones
       from the file.  If the -e, -f, or -l options are given, ipso  performs
       only the requested operations, i.e., edit, flush, and/or load.

       The -s option of ipso invokes sam(1) as the editor instead of acme; the
       -a option provides a similar service  for  files  encrypted  by  aescbc
       (q.v.).   With the -a option, the full rooted pathname of the file must
       be specified and all files must be encrypted with the same  key.   Also
       with -a, newly created files are ignored.

       Aescbc encrypts (under -e) and decrypts (under -d)  using  AES  (Rijn‐
       dael)  in  cipher block chaining (CBC) mode.  Options -i and -n are as
       per secstore, except that -i reads the password from  file  descriptor
       3 (standard input carries the cleartext or ciphertext).

SOURCE
       /rc/bin/ipso
       /sys/src/cmd/auth/secstore

SEE ALSO
       factotum(4), secstore(8)

DIAGNOSTICS
       Secstore  sets error status on failure but will not print an error mes‐
       sage when reading NVRAM or dialing the secstore server fails unless the
       -v flag is specified.

BUGS
       There  is  deliberately no backup of files on the secstore, so -r (or a
       disk crash) is irrevocable.  You are advised to store important secrets
       in a second location.

       When  using  ipso, secrets will appear as plain text in the editor win‐
       dow, so use the command in private.