A unique feature of PGP Command Line is that it can authenticate to the PGP Encryption Server (Symantec Encryption Management Server) using the USP (Universal Services Protocol/https). This is very similar to the way in which PGP Encryption Desktop (Symantec Encryption Desktop) users enroll to the PGP Encryption Server. In this configuration, the PGP Encryption Server is sometimes referred to as a Key Management Server (KMS). USP runs on HTTPS port 443 and the connection is secured with a TLS certificate. Once authenticated, the PGP Command Line user can access their private PGP key directly from the PGP Encryption Server; they do not need to store the key in their local keyring. This allows for more secure key management.

This article includes examples of how PGP Command Line interacts with the PGP Encryption Server using the Universal Services Protocol.

For more information on FAQs for PGP Command Line, see the following articles:

180234 - HOW TO: License PGP Command Line 10.x
153244 - HOW TO: Set the PGP_HOME_DIR variable for PGP Command Line
180118 - HOW TO: Use PGP Command Line to Create and Manage PGP Keys

Item 1: Authenticate to server and cache credentials.
Item 2: Instruct the PGP Encryption Server to create a user key.
Item 4: Sign a file using the authenticated user's key.
Item 5: Encrypt and Sign a file using the authenticated user's key.
Item 6: Encrypt a file to the authenticated user's key and another user's key.
Item 7: Encrypt a file to the authenticated user's key and another user's key and sign.
Item 8: Decrypt a file using the authenticated user's key.
Item 9: Decrypt and verify a file using the authenticated user's key.
Item 10: List all users on the PGP server using the search-mak command.
Item 11: Find a Key ID based on email address.
Item 12: Find a User ID based on email address.
Item 14: Find a User ID based on Key ID.
Item 16: List Key Details for a UUID via "--search-mak"

Before accessing any of the keys on the PGP Encryption Server, the PGP Command Line user has to authenticate to the PGP Encryption Server. The authentication credentials are cached. At no point are keys stored in the local keyring.

In the examples below, the following values are used:

PGP Encryption Server username: user1
PGP Encryption Server user passphrase: mypassword
PGP Encryption Server managed key name: "User One "

Note: Results of example commands are italicized.

Note that the managed key name must match exactly how it appears in the Name column of the Keys / Managed Keys page of the PGP Encryption Server administration console.

Item 1: Authenticate to server and cache credentials

Authenticating to the PGP Encryption Server is compulsory in order to access keys from the server. It is the equivalent of enrolling from Encryption Desktop.

If the PGP Encryption Server uses Directory Synchronization with Active Directory, then the --auth-username argument is the sAMAccountName or User Principal Name (UPN) of a user in Active Directory and the --auth-passphrase argument uses the user's Active Directory password.

The user should be in a PGP Encryption Server policy that uses SKM (Server Key Mode) key management. This is so that the PGP Encryption Server can manage the key.

Once the credentials are cached, there is no need to use the credentials for subsequent commands. The credentials will stay cached until they are explicitly cleared.

This is the only time that a password needs to be entered at the command line:

pgp --auth-username user1 --auth-passphrase mypass --usp-cache-auth --usp-server
:USP cache auth (0:Authentication cached)

Item 2: Instruct the PGP Encryption Server to create a user key

Authenticating to the PGP Encryption Server does not create a key on the PGP Encryption Server.