rekey(1)
NAME
rekey - Binary key regeneration for kaya web applications
SYNOPSIS
rekey FILE1 [FILE2 [...]]
DESCRIPTION
- rekey gives all Kaya binaries specified on the command
- line a new application secret key
- The application secret key makes webapps and webprogs se
- cure, by encrypting the state transfers. If you receive a webapp
- or webprog binary from someone else, or you believe someone un
- trusted has had read access to your binary, you can use the rekey
- application to generate a new application secret key without
- needing a recompile.
- Binary distributors of Kaya applications are strongly rec
- ommended to use 'rekey' as part of the installation process.
OBTAINING
- The latest release of Kaya can be obtained from
- <http://compsoc.dur.ac.uk/kaya/download.php>
- Development versions can be obtained using darcs(1) from
- <http://compsoc.dur.ac.uk/kaya/darcs/>
SECURITY
- rekey will use /dev/random to generate the new key if pos
- sible. If /dev/random is unavailable (Windows without MinGW, for
- example), the new key will be generated pseudo-randomly. This may
- allow an attacker to easily guess the new key. In environments
- where security is a concern, therefore, we strongly recommend re
- compiling with kayac(1) rather than using rekey if /dev/random is
- unavailable.
- rekey will give a warning when rekeying if /dev/random is
- unavailable.
BUGS
- Please report bugs in rekey to <kaya-devel@comp
- soc.dur.ac.uk>
- rekey cannot rekey Kaya binaries generated with a compiler
- older than the switch to AES256 encryption (0.2.0 final version)
- In rare cases, rekey may not be able to successfully rekey
- a file and will print an error instead. You must recompile in
- this case to get a new application key.
LICENSE
- rekey is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License (ver
- sion 2) as published by the Free Software Foundation.
SEE ALSO
- kayac(1)
- March 2006