开发学院操作系统 Linux/Unix AIX 6 加密文件系统（Encrypted File System），第... 阅读

AIX 6 加密文件系统（Encrypted File System），第 3 部分：用户管理（上）

　2008-09-06 08:20:10　来源：WEB开发网　　　

核心提示： # efskeymgr -k user/user1 -s user/user3Encryption framework returned an error:(libefs bad parameter)Unable to get the key to be sentuser5 登录，并运行

# efskeymgr -k user/user1 -s user/user3 Encryption framework returned an error:(libefs bad parameter) Unable to get the key to be sent

user5 登录，并运行 efsmgr -v 命令，以显示他的或者她的密钥存储库的内容。其中添加了 user3 用户密钥存储库的访问密钥。

user5 在当前 Shell 中加载他的或者她的密钥存储库的内容。efskeymgr -V 命令显示了当前 Shell 中所加载的访问密钥：

user3 密钥存储库的访问密钥

user1 密钥存储库的访问密钥

user5 密钥存储库的访问密钥

gid 为 202 的组的密钥存储库的访问密钥

gid 为 203 的组的密钥存储库的访问密钥

user5 可以访问他或者她自己的密钥，以及可以从 user3 密钥存储库中进行访问的所有密钥，这样一来，也就包含了可以从 user1 密钥存储库中访问的所有密钥。

示例 7 授予对用户密钥存储库的访问权限

$ id uid=205(user3) gid=1(staff) $ efskeymgr -v Keystore content: Keystore owner ............: uid 205 Keystore mode .............: admin:managed by EFS administrator Password changed last on ..: 05/10/07 at 09:41:20 Private key: Algorithm :RSA_1024 Fingerprint :30412121:e5a7b90d:dba7dd19:2c45b1e0:c331c09f Validity :This key is valid. # efskeymgr -k user/user1 -s user/user3 root's EFS password: $ id uid=205(user3) gid=1(staff) $ efskeymgr -v Keystore content: Keystore owner ............: uid 205 Keystore mode .............: admin:managed by EFS administrator Password changed last on ..: 05/10/07 at 09:41:20 Private key: Algorithm :RSA_1024 Fingerprint :30412121:e5a7b90d:dba7dd19:2c45b1e0:c331c09f Validity :This key is valid. Access key to keystore user/user1 $ lsuser user1 user1 id=203 pgrp=staff groups=staff,group1,group2 home=/home/user1 shell=/usr/bin/ksh $ efskeymgr -o ksh $ efskeymgr -V List of keys loaded in the current process: Key #0: Kind .....................User key Id (uid / gid) ......... 203 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. eb1aab3e:39c3191c:15cb36d6:57bb2a7c:b3c6d356 Key #1: Kind .....................User key Id (uid / gid) ......... 205 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. 30412121:e5a7b90d:dba7dd19:2c45b1e0:c331c09f Key #2: Kind .....................Group key Id (uid / gid) ......... 202 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. 19f16934:20a54e8e:d59aea33:111a37bf:06261785 Key #3: Kind .....................Group key Id (uid / gid) ......... 203 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. bdf38da7:57cd4486:6794c1bf:5329e0c4:4d042fcc # efskeymgr -k user/user3 -s user/user5 root's EFS password: $ id uid=207(user5) gid=1(staff) $ efskeymgr -v Keystore content: Keystore owner ............: uid 207 Keystore mode .............: admin:managed by EFS administrator Password changed last on ..: 05/10/07 at 11:41:51 Private key: Algorithm :RSA_1024 Fingerprint :6a9423b3:f59f0497:2f0f8ba0:9805a358:e18b16cd Validity :This key is valid. Access key to keystore user/user3 $ efskeymgr -o ksh $ efskeymgr -V List of keys loaded in the current process: Key #0: Kind .....................User key Id (uid / gid) ......... 203 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. eb1aab3e:39c3191c:15cb36d6:57bb2a7c:b3c6d356 Key #1: Kind .....................User key Id (uid / gid) ......... 205 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. 30412121:e5a7b90d:dba7dd19:2c45b1e0:c331c09f Key #2: Kind .....................User key Id (uid / gid) ......... 207 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. 6a9423b3:f59f0497:2f0f8ba0:9805a358:e18b16cd Key #3: Kind .....................Group key Id (uid / gid) ......... 202 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. 19f16934:20a54e8e:d59aea33:111a37bf:06261785 Key #4: Kind .....................Group key Id (uid / gid) ......... 203 Type .....................Private key Algorithm ................RSA_1024 Validity .................Key is valid Fingerprint .............. bdf38da7:57cd4486:6794c1bf:5329e0c4:4d042fcc