EnglishFrenchSpanish

Ad


OnWorks favicon

dacscred - Online in the Cloud

Run dacscred in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command dacscred that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


dacscred - acquire and manage DACS credentials

SYNOPSIS


dacscred [-dd dir] [-ll log_level] [-v] op [opargs]

DESCRIPTION


This program is part of the DACS suite.

The dacscred utility supports simple DACS authentication, optionally storing the returned
DACS identities securely for future use by non-browser applications. Basic maintenance
operations are provided for this cache of credentials.

DACS per-user information, including the cache, is kept within a directory that must be
owned by the user. Additionally, the directory must be accessible only by the user. DACS
will refuse to use any per-user information if file permissions are inappropriate.

If this directory is not specified on the command line, the following is the default
behaviour. If an environment variable named DACSDIR is available, its value is used for
the name of this directory; otherwise, DACS will use a directory named .dacs in the user's
home directory.

The contents of the cache file are encrypted. A password must be provided when the cache
is created and before each subsequent access. Currently, AES-128-CFB is used along with a
SHA1-based HMAC[1].

Security
A jurisdiction may reject credentials that are used from an IP address that does not
match the IP address from which the credentials were initially requested (see the
VERIFY_IP configuration directive). This means that if a cache is moved to a different
host, the credentials may be treated as invalid if they are used from that host.

OPTIONS


The following command line flags are common to all operations:

-dd directory
The DACS directory to use instead of the default is directory.

-ll log_level
Set the debugging output level to log_level (see dacs(1)[2]). The default level is
warn.

-v
The -v flag bumps the debugging output level to debug or (if repeated) trace.

The op argument specifies the operation to be performed. The following operations are
available:

Try to authenticate as username by invoking dacs_authenticate[3] at the URL auth-URL.
username has the syntax [[federation]::]jurisdiction:username (the jurisdiction
component of the name must be provided; see dacs(1)[4]). An SSL connection is always
used for this purpose.

If authentication is successful and the -s flag is not given, the (username, auth-URL)
pair will be recorded; subsequent invocations of the command can omit the auth-URL
argument if it is unchanged. If the -p flag is given, the user is prompted for a
password to pass to dacs_authenticate; if -pf is given instead, a password is read
from file (stdin is read if file is "-"). If aux is given, it is used as the value of
the AUXILIARY argument to dacs_authenticate. The -caf (-ccf) flag identifies file as a
file of CA certificates (client certificates) in PEM format, respectively; see
sslclient(1)[5].

New credentials replace old credentials in the cache. Credentials and authentication
mappings in the cache are not automatically managed, so the cache may contain
credentials that have expired.

The following example prompts the user for a password before trying to authenticate as
DSS:smith:

% dacscred auth -p DSS:smith \
https://dss.example.com/cgi-bin/dacs/dacs_authenticate

The following example might be used within a script to test if $passwd is the correct
password for DSS:smith:

% echo $passwd | dacscred auth -s -pf - DSS:smith \
https://dss.example.com/cgi-bin/dacs/dacs_authenticate

The exit status will be 0 only if the password is correct.

Delete all credentials with a name that matches a regular expression (see
regex(3)[6]).

Print all credentials to stdout that should be sent along with a service request to
the given URL. If no URL is given, print all credentials in the cache. Note that these
credentials represent DACS identities and should be kept secret.

List the names of all credentials in the cache, by default. This is equivalent to
providing the cred argument. If the auth argument is given, a list of identities and
the auth-URL arguments that were used to authenticate those identities is displayed.
If a regex is given, the list is limited to those identities matched by it (cred
behaviour) or those "username auth-URL" strings that match it (auth behaviour).

Change the password that protects the cache. The current password must first be
provided.

DIAGNOSTICS


The program exits 0 if everything was fine, 1 if an error occurred.

Use dacscred online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    AstrOrzPlayer
    AstrOrzPlayer
    AstrOrz Player is a free media player
    software, part based on WMP and VLC. The
    player is in a minimalist style, with
    more than ten theme colors, and can also
    b...
    Download AstrOrzPlayer
  • 2
    movistartv
    movistartv
    Kodi Movistar+ TV es un ADDON para XBMC/
    Kodi que permite disponer de un
    decodificador de los servicios IPTV de
    Movistar integrado en uno de los
    mediacenters ma...
    Download movistartv
  • 3
    Code::Blocks
    Code::Blocks
    Code::Blocks is a free, open-source,
    cross-platform C, C++ and Fortran IDE
    built to meet the most demanding needs
    of its users. It is designed to be very
    extens...
    Download Code::Blocks
  • 4
    Amidst
    Amidst
    Amidst or Advanced Minecraft Interface
    and Data/Structure Tracking is a tool to
    display an overview of a Minecraft
    world, without actually creating it. It
    can ...
    Download Amidst
  • 5
    MSYS2
    MSYS2
    MSYS2 is a collection of tools and
    libraries providing you with an
    easy-to-use environment for building,
    installing and running native Windows
    software. It con...
    Download MSYS2
  • 6
    libjpeg-turbo
    libjpeg-turbo
    libjpeg-turbo is a JPEG image codec
    that uses SIMD instructions (MMX, SSE2,
    NEON, AltiVec) to accelerate baseline
    JPEG compression and decompression on
    x86, x8...
    Download libjpeg-turbo
  • More »

Linux commands

  • 1
    abi-tracker
    abi-tracker
    abi-tracker - visualize ABI changes
    timeline of a C/C++ software library.
    DESCRIPTION: NAME: ABI Tracker
    (abi-tracker) Visualize ABI changes
    timeline of a C/C+...
    Run abi-tracker
  • 2
    abicheck
    abicheck
    abicheck - check application binaries
    for calls to private or evolving symbols
    in libraries and for static linking of
    some system libraries. ...
    Run abicheck
  • 3
    couriermlm
    couriermlm
    couriermlm - The Courier mailing list
    manager ...
    Run couriermlm
  • 4
    couriertcpd
    couriertcpd
    couriertcpd - the Courier mail server
    TCP server daemon ...
    Run couriertcpd
  • 5
    gbklatex
    gbklatex
    bg5latex - Use LaTeX directly on a Big5
    encodedtex file bg5pdflatex - Use
    pdfLaTeX directly on a Big5 encodedtex
    file bg5+latex - Use LaTeX directly on a
    Big5+...
    Run gbklatex
  • 6
    gbkpdflatex
    gbkpdflatex
    bg5latex - Use LaTeX directly on a Big5
    encodedtex file bg5pdflatex - Use
    pdfLaTeX directly on a Big5 encodedtex
    file bg5+latex - Use LaTeX directly on a
    Big5+...
    Run gbkpdflatex
  • More »

Ad