[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Heimdal/AFS Master Key Coordination
Kerberos encrypts its database with a master key kept in the stash
file. AFS kaserver does something similar, but I'm not sure exactly
what. What do I need to do to make sure that the encryption works
between the two with hprop/hpropd?
What I tried doing was using ktutil to convert the
/usr/afs/etc/KeyFile to a K5 keytab and feeding that to hprop
--keyfile=... --decrypt --stdout. It still wanted a stash file. I
could understand hpropd wanting the stash file so it could re-encrypt
the data, but this is just hprop reading the data.
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or email@example.com