NAME

       bwctld.keys - Bandwidth Control Daemon AES keyfile database

DESCRIPTION

       The bwctld.keys file is used to hold the identity/AES keys pairs needed for bwctld to authenticate users.
       The  format  of  this  file  is  described  in the aespasswd(1) manual page. The location of this file is
       controlled by the -c option to bwctld but it must be named bwctld.keys.

       bwctld uses symmetric AES keys for authentication. Therefore, the bwctl client will have to  have  access
       to  the  exact same AES key for authentication by AES to work. Most likely, the user will simply know the
       passphrase that generated the AES key in the first place.  Additionally, it is important that the  system
       administrator and end user ensure the key is not compromised.

       If the bwctl client is able to authenticate using the identity and AES key presented, bwctld will use the
       directives found in the bwctld.limits file to map policy restrictions to this connection.

SECURITY CONSIDERATIONS

       The  keys  in the bwctld.keys file are not encrypted in any way. The security of these keys is completely
       dependent upon the security of the system and the discretion of the system administrator.

RESTRICTIONS

       Identity names are restricted to 16 characters.

SEE ALSO

       aespasswd(1), bwctl(1), bwctld(8), bwctld.limits(5), and the http://software/bwctl/ web site.

ACKNOWLEDGMENTS

       This material is based in part on work supported by the National Science Foundation (NSF) under Grant No.
       ANI-0314723. Any opinions, findings, and conclusions or recommendations expressed in  this  material  are
       those of the author(s) and do not necessarily reflect the views of the NSF.

                                                     $Date$                                       bwctld.keys(5)