SunScreen SKIP, Release 1.5.1, Release Notes

Command Changes in SunScreen SKIP 1.5.1

No commands have changed for the SunScreen SKIP 1.5.1. Table 1-1shows the changes in commands between SunScreen SKIP1.1.1 and SunScreen SKIP 1.5.

Table 1-1 Command Changes between SunScreen Skip 1.1.1 and SunScreen Skip 1.5

Command 

New Option 

Old Option 

Description 

skiplocal

-a

add

-T slottype -t certtype -n nsid -Z secret-file -c cert-file

Adds local identity to trusted CA database. 

 

-r

rm

[-v] -s slot-number

Deletes the Local ID in specified slot number. 

 

-l

list

[-vV] [-s slot-number]

Lists the local IDs present on the system. 

 

-i

init

[-qo]

Initializes Local ID database. Creates the database if one does not exist. The -o option forcibly reinitializes and destroys all current identities in the database.

 

-e

extract

-s slot-number

Writes certificate that is in specified slot number to standard output. 

 

-k

keygen

[-m modulus] [-E exponent] [-L lifetime] [-pV]

Generates new secret key and UDH certificate. 

 

-x

export

[-s slot] [-n nsid]

Displays a skiphost command line that can be used to add ACL entry on remote system for the local host. 

 

-P

passwd

no options... 

Allows you to assign or change the password used to encrypt locally stored secrets. 

 

-R

rmpasswd

no options... 

Allows you to remove the password that is used to encrypt locally stored secrets. 

skipdb

-a 

add 

-t cert-tye -n nsid -d filename

Adds certificates to the certificate database. 

 

-r 

rm 

[-H handle] -n nsid -k keyid

Deletes certificates from the certificate database. 

 

-l 

list 

[-vVL] [-n nsid -k keyid]

Lists certificates in the certificate database. 

 

-i 

init 

no options... 

Initializes certificate database. If the database already exists, the contents will be deleted. 

 

-e 

extract 

[-H handle] -n nsid -k keyid

Extracts certificate to standard output. 

skipca

-a

add

-c ca-file

Adds certificates to the trusted CA database. 

 

-r

rm

[-s ca-slot]

Deletes CA certificates. 

 

-l

list

[-vVxL] [-s ca-slot]

Lists certificates in the trusted CA database. 

 

-i

init

[qo]

Initializes the trusted CA database. Creates the database if one does not exist. The -o option forcibly reinitializes and destroys all current certificates in the database.

 

-e

extract

[-s ca-slot]

Extracts CA certificate to standard output. 

 

-R

revoke

-s ca-slot -S serial-number

Revokes specific CA certificates. 

 

-U

unrevoke

-s ca-slot -S serial-number

Extracts certificate to standard output. 

For complete information, see the man pages for these commands.


Note -

You can no longer list network interface statistics using the skipstat -i command. The new command for this is skiphost -h.