From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from ar.aichi-u.ac.jp ([202.250.160.40]) by ur; Sat Nov 12 22:05:52 EST 2016
Received: from [192.168.0.249] ([115.36.90.13]) by ar; Sun Nov 13 12:05:41 JST 2016
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
Subject: Re: [9front] first 24B in /adm/keys
From: arisawa <arisawa@ar.aichi-u.ac.jp>
In-Reply-To: <befb98db5c4df3427caade7072af99fb@felloff.net>
Date: Sun, 13 Nov 2016 12:05:41 +0900
Content-Transfer-Encoding: quoted-printable
Message-Id: <D0811629-3819-4CCB-B337-0E13FBF5CC8F@ar.aichi-u.ac.jp>
References: <befb98db5c4df3427caade7072af99fb@felloff.net>
To: 9front@9front.org
X-Mailer: Apple Mail (2.2104)
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: ACPI table-scale wrapper-oriented layer 

thanks, cinap.

ok, I confirmed that when we want to initialize key datebase
it is enough to remove /adm/keys and /adm/keys.who.

thanks again.


> 2016/11/12 22:27=E3=80=81cinap_lenrek@felloff.net =E3=81=AE=E3=83=A1=E3=83=
=BC=E3=83=AB=EF=BC=9A
>=20
> keyfs writes a new file when you add/change users. when theres
> no previous des format keydb, then it will always create a new
> file in aes format as long as it has the aes key which it gets
> from nvram or calculates itself from the password (-p flag) on
> startup.
>=20
> so, unless you use -p flag, make sure you have the aes key
> stored in your nvram. you can do that with auth/wrkey.
>=20
> whenever you change users in keyfs, it will reencrypt everything
> and write a new file. it will also generate a new random iv
> each time so the value you put there doesnt matter.
>=20
> --
> cinap