SECSTORED(1)                                         SECSTORED(1)

     NAME
          secstored, secuser - secstore commands

     SYNOPSIS
          secstored [-R] [-S servername] [-s tcp!*!5356] [-x mount-
          point]
          secuser [-v] username

     DESCRIPTION
          Secstored serves requests from secstore(1). The -R option
          supplements the password check with a call to a RADIUS
          server, for checking hardware tokens or other validation.
          The -xmountpoint option specifies an alternative to the
          default network /net.

          Secuser is an administrative command that runs on the sec-
          store machine, normally the authserver, to create new
          accounts and to change status on existing accounts.  It
          prompts for account information such as password and expira-
          tion date, writing to /secstore/who/$uid.  The /secstore
          directory should be created mode 770 for the userid or
          groupid of the secstored process.

          By default, secstored warns the client if no account exists.
          If you prefer to obscure this information, use secuser to
          create an account FICTITIOUS.

     FILES
          /secstore/who/$uid secstore account name, expiration date,
          verifier
          /secstore/store/$uid/ users' files
          /ndb/auth for mapping local userid to RADIUS userid

     SOURCE
          /src/cmd/auth/secstore

     SEE ALSO
          secstore(1)