Provided by: myproxy-admin_5.5-1_i386 bug

NAME

       myproxy-admin-load-credential - directly load repository

SYNOPSIS

       myproxy-admin-load-credential [ options ]

DESCRIPTION

       The  myproxy-admin-load-credential command stores a credential directly
       in the local MyProxy repository.  It must be run from the account  that
       owns  the  repository.   Many  of  the  options are similar to myproxy-
       init(1).  However, unlike  myproxy-init,  myproxy-admin-load-credential
       does not create a proxy from the source credential but instead directly
       loads a copy of the source credential into the  repository.   The  pass
       phrase  of  the  source  credential  is  unchanged.  Use myproxy-admin-
       change-pass(8) to change the pass phrase after the credential is stored
       if  desired.   Proxy  credentials with default lifetime of 12 hours can
       then be retrieved by myproxy-logon(1)  using  the  MyProxy  passphrase.
       The command's behavior is controlled by the following options.

OPTIONS

       -h, --help
              Displays command usage text and exits.

       -u, --usage
              Displays command usage text and exits.

       -v, --verbose
              Enables verbose debugging output to the terminal.

       -V, --version
              Displays version information and exits.

       -s dir, --storage dir
              Specifies the location of the credential storage directory.  The
              directory must be  accessible  only  by  the  user  running  the
              myproxy-server   process   for   security   reasons.    Default:
              /var/lib/myproxy or /var/myproxy or $GLOBUS_LOCATION/var/myproxy

       -c filename, --certfile filename
              Specifies the filename of the source  certificate.   This  is  a
              required parameter.

       -y filename, --keyfile filename
              Specifies  the  filename  of  the source private key.  This is a
              required parameter.  If the private key  is  encrypted,  MyProxy
              clients  will  be  required to give the encryption passphrase to
              access the key.  When used with -R or -Z, it is common  for  the
              private  key  to not be encrypted, so MyProxy clients can access
              the credentials using only certificate-based authentication  and
              authorization.

       -l username, --username username
              Specifies  the MyProxy account under which the credential should
              be stored.  By default,  the  command  uses  the  value  of  the
              LOGNAME  environment  variable.   Use  this  option to specify a
              different account username on the MyProxy server.   The  MyProxy
              username need not correspond to a real Unix username.

       -t hours, --proxy_lifetime hours
              Specifies the maximum lifetime of credentials retrieved from the
              myproxy-server(8) using  the  stored  credential.   Default:  12
              hours

       -d, --dn_as_username
              Use the certificate subject (DN) as the username.

       -a, --allow_anonymous_retrievers
              Allow   credentials  to  be  retrieved  with  just  pass  phrase
              authentication.  By default, only entities with credentials that
              match  the myproxy-server.config(5) default retriever policy may
              retrieve  credentials.   This  option  allows  entities  without
              existing  credentials to retrieve a credential using pass phrase
              authentication by including "anonymous" in the  set  of  allowed
              retrievers.   The  myproxy-server.config(5)  server-wide  policy
              must also allow "anonymous" clients for this option to  have  an
              effect.

       -A, --allow_anonymous_renewers
              Allow  credentials to be renewed by any client.  Any client with
              a valid credential with a subject name that matches  the  stored
              credential  may  retrieve  a  new  credential  from  the MyProxy
              repository if this option  is  given.   Since  this  effectively
              defeats  the  purpose  of  proxy credential lifetimes, it is not
              recommended.  It is included only for sake of completeness.

       -r name, --retrievable_by name
              Allow the specified entity to retrieve credentials.  See -x  and
              -X options for controlling name matching behavior.

       -E name, --retrieve_key name
              Allow  the  specified entity to retrieve end-entity credentials.
              See -x and -X options for controlling name matching behavior.

       -R name, --renewable_by name
              Allow the specified entity to renew credentials.  See -x and  -X
              options for controlling name matching behavior.

       -Z name, --retrievable_by_cert name
              Allow  the  specified  entity  to retrieve credentials without a
              passphrase.  See -x and -X options for controlling name matching
              behavior.

       -x, --regex_dn_match
              Specifies that names used with following options -r, -E, -R, and
              -Z  will  be  matched  against  the  full  certificate   subject
              distinguished  name  (DN)  according  to  REGULAR EXPRESSIONS in
              myproxy-server.config(5).

       -X, --match_cn_only
              Specifies that names used with following options -r, -E, -R, and
              -Z  will  be matched against the certificate subject common name
              (CN)   according   to   REGULAR    EXPRESSIONS    in    myproxy-
              server.config(5).   For  example,  if  an  argument  of  -r "Jim
              Basney"  is  specified,  then  the  resulting  policy  will   be
              "*/CN=Jim Basney".  This is the default behavior.

       -k name, --credname name
              Specifies the credential name.

       -K description, --creddesc description
              Specifies credential description.

EXIT STATUS

       0 on success, >0 on error

AUTHORS

       See http://myproxy.ncsa.uiuc.edu/about for the list of MyProxy authors.

SEE ALSO

       myproxy-change-pass-phrase(1),   myproxy-destroy(1),   myproxy-info(1),
       myproxy-init(1),   myproxy-logon(1),   myproxy-retrieve(1),    myproxy-
       store(1),  myproxy-server.config(5), myproxy-admin-adduser(8), myproxy-
       admin-change-pass(8), myproxy-admin-query(8), myproxy-server(8)