How to use sechkey remotely without using root's password?
sechkey oldkey newkey -r remoteserver.ca.com
eTrustAC sechkey v8.00a-1486.17 - internal key changer
Copyright (c) 2009 CA. All rights reserved.
Please enter your password: <owner of binary's password>
By default the owner of sechkey is root. However, if you change this to a "security user" you will be able to run sechkey remotely without the need for root's password. The purpose of this is to stop the use of a generic user. This "security user" will need to have the Access Control admin right. An example would be if you have a standard user, user123, login to a server and sesu to the "security user" to remotely change a key or the local key. The original user, user123, will be tracked so we know who changed the key.