Commit | Line | Data |
---|---|---|
805e021f CE |
1 | =head1 NAME |
2 | ||
3 | fs_getcrypt - Displays the state of encryption for AFS file transfers | |
4 | ||
5 | =head1 SYNOPSIS | |
6 | ||
7 | =for html | |
8 | <div class="synopsis"> | |
9 | ||
10 | B<fs getcrypt> [B<-help>] | |
11 | ||
12 | =for html | |
13 | </div> | |
14 | ||
15 | =head1 DESCRIPTION | |
16 | ||
17 | The B<fs getcrypt> command shows the status of network traffic encryption | |
18 | for file traffic in the AFS client. This encryption applies to file | |
19 | traffic going to and coming from the AFS server for users with valid | |
20 | tokens. The complement of this command is B<fs setcrypt> which sets the | |
21 | status of encryption on the client. | |
22 | ||
23 | =head1 CAUTIONS | |
24 | ||
25 | AFS uses an encryption scheme called fcrypt, based on but slightly weaker | |
26 | than DES. Because fcrypt and DES are obsolete, the user must decide how | |
27 | much to trust the encryption. Consider using a Virtual Private Network at | |
28 | the IP level if better encryption is needed. | |
29 | ||
30 | Encrypting file traffic requires a token. Unauthenticated connections or | |
31 | connections authorized via IP-based ACLs will not be encrypted even when | |
32 | encryption is turned on. | |
33 | ||
34 | =head1 OPTIONS | |
35 | ||
36 | =over 4 | |
37 | ||
38 | =item B<-help> | |
39 | ||
40 | Prints the online help for this command. All other valid options are | |
41 | ignored. | |
42 | ||
43 | =back | |
44 | ||
45 | =head1 OUTPUT | |
46 | ||
47 | If encryption is enabled, the output is: | |
48 | ||
49 | Security level is currently crypt (data security). | |
50 | ||
51 | If encryption if disabled, the output is: | |
52 | ||
53 | Security level is currently clear. | |
54 | ||
55 | =head1 EXAMPLES | |
56 | ||
57 | There is only one way to invoke B<fs getcrypt>: | |
58 | ||
59 | % fs getcrypt | |
60 | ||
61 | =head1 PRIVILEGE REQUIRED | |
62 | ||
63 | No special privileges are required for this command. | |
64 | ||
65 | =head1 SEE ALSO | |
66 | ||
67 | L<fs_setcrypt(1)> | |
68 | ||
69 | The description of the fcrypt encryption mechanism at | |
70 | L<http://surfvi.com/~ota/fcrypt-paper.txt>. | |
71 | ||
72 | =head1 COPYRIGHT | |
73 | ||
74 | Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com> | |
75 | ||
76 | This documentation is covered by the BSD License as written in the | |
77 | doc/LICENSE file. This man page was written by Jason Edgecombe for | |
78 | OpenAFS. |