Re: [9fans] config wisdom? (factotum? cmdline flags? ctl file?)

[Russ Cox <rsc@swtch.com>]

You should use factotum to hold keys.

   key proto=pass service=802.1x user? realm? !password?

Ideally you wouldn't use proto=pass but I don't know
enough about 802.1x to know whether that's easy.

If you get a key from factotum and you are sure that it is
incorrect, I think it would be okay to try to delkey it before
asking factotum again.  Maybe there should be a disable
control message to mark the keys disabled like factotum
already does for found-to-be-bad p9sk1 keys.  But delkey
is fine to start and we'll see if that's useful.

To get the realm out, you'll want to modify auth_userpasswd
to return the AuthRpc* (perhaps inside the UserPasswd*)
instead of auth_freerpc'ing it.  Then you can call auth_attr
to get a list of all the public attributes for the key,
and _strfindattr to find the realm.

That only answers the question of where to get the keys.
It doesn't fully answer the question of which one to use.

A user with keys for multiple realms may give factotum
multiple keys, in which case the intended-canonical approach
is to give your program a -k keyspec option like cpu(1) has
and pass that to factotum when you start the protocol:

   auth_userpasswd(auth_getkey,
     "proto=pass service=802.1x user? realm? !password? %s",
     keyspec);

So if the user says -k 'realm=nj9620' then you get the
first key that matches that.  And if you don't say -k then
you get the first key.  But if the user wanted to mark the
keys with the easier-to-remember 'location=work' and
use that with -k, that would be okay too.  -k doesn't care.

Now the question is how do you find a -k option.  At boot
time, I think it's reasonable to invoke it with a -k argument
taken from plan9.ini if one is specified.  (I assume you have
to change /boot anyway).  This would only be necessary
when the user has multiple 802.1x keys in his factotum.

Russ