Credentials for communicating with other systems are managed via a credential store. This store can be managed, as needed, by the /opt/LifeKeeper/bin/credstore utility. This utility allows server access credentials to be set, changed and removed – on a per server basis.
Adding or Changing Credentials
Adding and changing credentials are handled in the same way. A typical example of adding or changing credentials for a server, server.mydomain.com, would look like this:
/opt/LifeKeeper/bin/credstore -k server.mydomain.com myuser
In this case, myuser is the username used to access server.mydomain.com and the password will be asked for via a prompt with confirmation (like passwd).
You may wish to set up a default key in the credential store. The default credentials will be used for authentication when no specific server key exists. To add or change the default key, run:
/opt/LifeKeeper/bin/credstore -k default myuser
Listing Stored Credentials
The currently stored credentials can be listed by the following command:
/opt/LifeKeeper/bin/credstore -l
This will list the keys stored in the credential store and, in this case, the key indicates the server for which the credentials are used. (This command will not actually list the credentials, only the key names, since the credentials themselves may be sensitive.)
Removing Credentials for a Server
Credentials for a given server can be removed with the following command:
/opt/LifeKeeper/bin/credstore -d -k myserver.mydomain.com
In this case, the credentials for the server myserver.mydomain.com will be removed from the store.
Additional Information
More information on the credstore utility can be found by running:
/opt/LifeKeeper/bin/credstore —man
This will show the entire man/help page for the command.
Post your comment on this topic.