fs_getcrypt - Displays the state of encryption for Cache Manager operations
fs getcrypt [-help]
The fs getcrypt command displays the default encryption mode that the Cache Manager will use when communicating with File Servers and Location Servers via authenticated connections.
The actual use of encryption and the chosen encryption algorithm is determined by the existence of valid rxkad or yfs-rxgk tokens and the security policies (if any) applied to the File Servers.
When rxkad tokens are in use, network communications will be encrypted using an encryption algorithm called fcrypt. Fcrypt is based on DES but is slightly weaker. Fcrypt and DES are obsolete. Consider upgrading the cell to use yfs-rxgk to obtain support for AES256 encryption.
Encrypting file traffic requires a token. Unauthenticated connections or connections authorized via IP-based ACLs will not be encrypted even when encryption is turned on.
Prints the online help for this command. All other valid options are ignored.
If encryption is enabled, the output is:
Security level is currently crypt (data security).
If auth is enabled, the output is:
Security level is auth (data integrity).
If encryption if disabled, the output is:
Security level is currently clear.
There is only one way to invoke fs getcrypt:
% fs getcrypt
No special privileges are required for this command.
The description of the fcrypt encryption mechanism at http://surfvi.com/~ota/fcrypt-paper.txt.
Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
This documentation is covered by the BSD License as written in the doc/LICENSE file. This man page was written by Jason Edgecombe for OpenAFS.
"AFS" is a registered mark of International Business Machines Corporation, used under license. (USPTO Registration 1598389)
"OpenAFS" is a registered mark of International Business Machines Corporation. (USPTO Registration 4577045)
The "AuriStor" name, log 'S' brand mark, and icon are registered marks of AuriStor, Inc. (USPTO Registrations 4849419, 4849421, and 4928460) (EUIPO Registration 015539653).
"Your File System" is a registered mark of AuriStor, Inc. (USPTO Registrations 4801402 and 4849418).
"YFS" and "AuriStor File System" are trademarks of AuriStor, Inc.