Escrow

Escrow is the shared password safe used to store common credentials securely.

To add a new user to the escrow "clique" or group for IEPM:

  1. The new user should create a new key for him/herself with the PGP key generation command:
    pgp -kg
    
    When prompted, use a key strength of 1024 bits and use the suggested key name format Firstname Lastname <username@slac.stanford.edu>.
  2. The new user should export his/her PGP key for use with escrow:
    escrow createuser
    
    This will export the user's public PGP key into a separate file which can then be imported into escrow.
  3. An existing escrow user should add the user's key to the clique's keyring:
    escrow adduser -c iepm ~<newuser>/.escrow/publickey
    
    e.g. escrow adduser -c iepm ~jaredg/.escrow/publickey
    The program will repeatedly prompt for confirmation that the key is trusted. It will also prompt you for the existing user's PGP passphrase.
  4. An existing escrow user should add the user's key to the iepmacct list of secrets:
    escrow adduser -c iepm iepmacct <username>
    
    e.g. escrow adduser -c iepm iepmacct jaredg
    The program will prompt for the existing user's PGP passphrase.