secstore - retrieve files from secure store
auth/secstore [ -iv ] [ -k key ] [
-p pin ] [ -s address ] [ -u user
] [ op [ file ] ... ]
Secstore manages files on the eponymous Plan 9 secure
storage service. It holds a set of files for each of its users. The service
is most often used to store a file factotum containing user
credentials in a form ready to be loaded into factotum (4). Op
is one of the following operations:
- d
- Delete the given files on the server.
- p
- Print the contents of each file on standard output. Each line is written
separately, so that files of keys will be received correctly when written
to factotum (4).
- r
- Replace the contents of files on the server by the contents of the named
files, after encrypting them. In each case, the file name on the server is
the last component of the local file name (ie, everything after the final
`/').
- t
- List a table of contents of user's collection on the the server. By
default, only the names are listed, one per line, but given the -v
option, each line displays name, file size in bytes, date last stored, and
SHA-1 hash of the file's contents.
- x
- Extract the named files into files of the same name in the current
directory. By default, they are decrypted (ie, in clear text).
If no op is specified, secstore connects to the
server (thus checking the connection and the validity of both key and
user), but does nothing with it.
By default, secstore prompts for a secret key to
authenticate the user and the secstore service. The service might be
configured to demand an extra authentication code, such as a `pin', in which
case secstore will then prompt for that as well. The options are:
- -i
- Read one or two lines from the standard input: the first line contains the
secret; the optional second line contains the extra authentication
code.
- -k key
- Use key as the secret to authenticate with the secstore
service.
- -p pin
- Supply pin as the extra authentication code if the server demands
it.
- -s address
- Connect to the server at the given network address, as defined by
dial (2), and translated by cs (8). The default is
net!$auth!secstore.
- -u user
- Authenticate as user (default: the Inferno user name contained in
/dev/user)
- -v
- Make the output more verbose: display the name announced by the remote
server; and use the long form of the table of contents.
Retrieve the factotum file and feed the keys therein to
factotum (4):
-
auth/secstore p factotum >/mnt/factotum/ctl
/appl/cmd/auth/secstore.b
Perhaps secstore should allow several -s options as
a simple way to replicate the same files on different servers.