NAME
fs_getcrypt - Displays the state of encryption for AFS file transfers
SYNOPSIS
fs getcrypt [-help]
DESCRIPTION
The fs getcrypt command shows the status of network traffic encryption
for file traffic in the AFS client. This encryption applies to file
traffic going to and coming from the AFS server for users with valid
tokens. The complement of this command is fs setcrypt which sets the
status of encryption on the client.
CAUTIONS
AFS uses an encryption scheme called fcrypt, based on but slightly
weaker than DES. Because fcrypt and DES are obsolete, the user must
decide how much to trust the encryption. Consider using a Virtual
Private Network at the IP level if better encryption is needed.
Encrypting file traffic requires a token. Unauthenticated connections
or connections authorized via IP-based ACLs will not be encrypted even
when encryption is turned on.
OPTIONS
-help
Prints the online help for this command. All other valid options
are ignored.
OUTPUT
If encryption is enabled, the output is:
Security level is currently crypt (data security).
If encryption if disabled, the output is:
Security level is currently clear.
EXAMPLES
There is only one way to invoke fs getcrypt:
% fs getcrypt
PRIVILEGE REQUIRED
No special priviledges are required for this command.
SEE ALSO
fs_setcrypt(1)
The description of the fcrypt encryption mechanism at
<http://surfvi.com/~ota/fcrypt-paper.txt>.
COPYRIGHT
Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
This documentation is covered by the BSD License as written in the
doc/LICENSE file. This man page was written by Jason Edgecombe for
OpenAFS.