[hcoop/debian/openafs.git] / doc / man-pages / pod1 / fs_getcrypt.pod

=head1 NAME

fs_getcrypt - Displays the state of encryption for AFS file transfers

=head1 SYNOPSIS

=for html
<div class="synopsis">

B<fs getcrypt> [B<-help>]

=for html
</div>

=head1 DESCRIPTION

The B<fs getcrypt> command shows the status of network traffic encryption
for file traffic in the AFS client. This encryption applies to file
traffic going to and coming from the AFS server for users with valid
tokens. The complement of this command is B<fs setcrypt> which sets the
status of encryption on the client.

=head1 CAUTIONS

AFS uses an encryption scheme called fcrypt, based on but slightly weaker
than DES. Because fcrypt and DES are obsolete, the user must decide how
much to trust the encryption. Consider using a Virtual Private Network at
the IP level if better encryption is needed.

Encrypting file traffic requires a token. Unauthenticated connections or
connections authorized via IP-based ACLs will not be encrypted even when
encryption is turned on.

=head1 OPTIONS

=over 4

=item B<-help>

Prints the online help for this command. All other valid options are
ignored.

=back

=head1 OUTPUT

If encryption is enabled, the output is:

   Security level is currently crypt (data security).

If encryption if disabled, the output is:

   Security level is currently clear.

=head1 EXAMPLES

There is only one way to invoke B<fs getcrypt>:

   % fs getcrypt

=head1 PRIVILEGE REQUIRED

No special privileges are required for this command.

=head1 SEE ALSO

L<fs_setcrypt(1)>

The description of the fcrypt encryption mechanism at
L<http://surfvi.com/~ota/fcrypt-paper.txt>.

=head1 COPYRIGHT

Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>

This documentation is covered by the BSD License as written in the
doc/LICENSE file. This man page was written by Jason Edgecombe for
OpenAFS.
Commit	Line	Data
805e021f CE	1	=head1 NAME
	2
	3	fs_getcrypt - Displays the state of encryption for AFS file transfers
	4
	5	=head1 SYNOPSIS
	6
	7	=for html
	8	<div class="synopsis">
	9
	10	B<fs getcrypt> [B<-help>]
	11
	12	=for html
	13	</div>
	14
	15	=head1 DESCRIPTION
	16
	17	The B<fs getcrypt> command shows the status of network traffic encryption
	18	for file traffic in the AFS client. This encryption applies to file
	19	traffic going to and coming from the AFS server for users with valid
	20	tokens. The complement of this command is B<fs setcrypt> which sets the
	21	status of encryption on the client.
	22
	23	=head1 CAUTIONS
	24
	25	AFS uses an encryption scheme called fcrypt, based on but slightly weaker
	26	than DES. Because fcrypt and DES are obsolete, the user must decide how
	27	much to trust the encryption. Consider using a Virtual Private Network at
	28	the IP level if better encryption is needed.
	29
	30	Encrypting file traffic requires a token. Unauthenticated connections or
	31	connections authorized via IP-based ACLs will not be encrypted even when
	32	encryption is turned on.
	33
	34	=head1 OPTIONS
	35
	36	=over 4
	37
	38	=item B<-help>
	39
	40	Prints the online help for this command. All other valid options are
	41	ignored.
	42
	43	=back
	44
	45	=head1 OUTPUT
	46
	47	If encryption is enabled, the output is:
	48
	49	Security level is currently crypt (data security).
	50
	51	If encryption if disabled, the output is:
	52
	53	Security level is currently clear.
	54
	55	=head1 EXAMPLES
	56
	57	There is only one way to invoke B<fs getcrypt>:
	58
	59	% fs getcrypt
	60
	61	=head1 PRIVILEGE REQUIRED
	62
	63	No special privileges are required for this command.
	64
65	=head1 SEE ALSO
66
67	L<fs_setcrypt(1)>
68
69	The description of the fcrypt encryption mechanism at
70	L<http://surfvi.com/~ota/fcrypt-paper.txt>.
71
72	=head1 COPYRIGHT
73
74	Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
75
76	This documentation is covered by the BSD License as written in the
77	doc/LICENSE file. This man page was written by Jason Edgecombe for
78	OpenAFS.