pbkey

The pbkey program generates an encryption key that is suitable for any of the Endpoint Privilege Management encryption algorithms and stores it in a file that is specified on the command line or in the settings file. If pbrun, pbmasterd, or pblocald find the file /etc/pb.key, then they use it to encrypt data that is sent to the other programs.

If encryption is used, then the EPM-UL programs use the key that is specified in the settings file to encrypt local data and network traffic.

For network traffic, the contents of this file must be the same on all machines that are running EPM-UL for requests to execute. The file should be owned by root and have permissions set so that only root can read or write the file.
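The ownership, permission, and identical-contents requirements above can be audited with a short script. This is an added example, not part of the product or its documentation; the function names `check_keyfile` and `keyfile_digest` and the script name are hypothetical, and comparing SHA-256 digests across hosts is an assumed way to confirm that the key files match.

```shell
#!/bin/sh
# Added example (not vendor code): audit a key file created by pbkey.

# check_keyfile PATH [OWNER_UID]
# Returns 0 when PATH is a regular file owned by OWNER_UID (default 0, root)
# with no group/other permission bits; prints findings and returns 1 otherwise.
check_keyfile() {
    keyfile=$1
    want_uid=${2:-0}
    rc=0
    # Refuse symlinks so the check cannot be pointed at a different file.
    if [ -L "$keyfile" ] || [ ! -f "$keyfile" ]; then
        echo "FAIL: $keyfile is missing, a symlink, or not a regular file" >&2
        return 1
    fi
    # GNU stat first, BSD stat as a fallback; both yield "uid octal-mode".
    meta=$(stat -c '%u %a' "$keyfile" 2>/dev/null ||
           stat -f '%u %Lp' "$keyfile") || return 1
    uid=${meta% *}
    mode=${meta#* }
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $keyfile is owned by uid $uid, expected $want_uid" >&2
        rc=1
    fi
    # Any bit in 077 lets an account other than the owner read or write the key.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $keyfile has mode $mode; group/other access must be removed" >&2
        rc=1
    fi
    return $rc
}

# keyfile_digest PATH
# Prints the SHA-256 of the key file so hosts can be compared without copying
# the key itself around.
keyfile_digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# Stand-alone use (hypothetical script name): sh audit_pbkey.sh /etc/pb.key
if [ "$#" -ge 1 ]; then
    check_keyfile "$1" && keyfile_digest "$1"
fi
```

Run it as root on each host and compare the printed digests; differing digests mean the key files are not the same on those machines.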

Syntax

  • Version 3.5 and earlier: long command options not supported.
  • Version 4.0 and later: long command options supported.
  • Version 8.5 and later: -F option added.

pbkey [options]
    -f, --keyfile=key_file_name
    -F, --seckeyfile=key_file_name
pbkey -v | --version
pbkey -h | --help

Arguments

-f, --keyfile=key_file_name Optional. The name of the key file to create. The default is the value that is specified in the settings file or /etc/pb.key.
-F, --seckeyfile=key_file_name Optional. The name of the new high security key file to create. This key file format must be used when enhanced security is required. Available in v8.5 or later.
-v, --version Optional. Displays the pbkey version and exits.
-h, --help Optional. Displays the program's help message and exits.

Files

key_file_name The resulting key file.

 

Executing the command generates a new key and puts it into the file /etc/pb.key:
pbkey /etc/pb.key
