NAME

       bwctld.keys - Bandwidth Control Daemon AES keyfile database

DESCRIPTION

       The bwctld.keys file is used to hold the identity/AES keys pairs needed for bwctld to authenticate users.
       The format of this file is described in the aespasswd(1) manual  page.  The  location  of  this  file  is
       controlled by the -c option to bwctld but it must be named bwctld.keys.

       bwctld  uses  symmetric AES keys for authentication. Therefore, the bwctl client will have to have access
       to the exact same AES key for authentication by AES to work. Most likely, the user will simply  know  the
       passphrase  that generated the AES key in the first place.  Additionally, it is important that the system
       administrator and end user ensure the key is not compromised.

       If the bwctl client is able to authenticate using the identity and AES key presented, bwctld will use the
       directives found in the bwctld.limits file to map policy restrictions to this connection.

SECURITY CONSIDERATIONS

       The  keys  in the bwctld.keys file are not encrypted in any way. The security of these keys is completely
       dependent upon the security of the system and the discretion of the system administrator.

RESTRICTIONS

       Identity names are restricted to 16 characters.

SEE ALSO

       aespasswd(1), bwctl(1), bwctld(8), bwctld.limits(5), and the http://software/bwctl/ web site.

ACKNOWLEDGMENTS

       This material is based in part on work supported by the National Science Foundation (NSF) under Grant No.
       ANI-0314723.  Any  opinions,  findings, and conclusions or recommendations expressed in this material are
       those of the author(s) and do not necessarily reflect the views of the NSF.

                                                     $Date$                                       bwctld.keys(5)