extracting keytabs(ext works fine but...)

[jay alvarez <kerber0sb0y@yahoo.com>]

Hi,
  I haven't encountered this scenario before where I
needed to add additional keytabs for other services
that will run on a single host(not on the same host
that kadmin(kdc) is running. If the keytabs will all
reside in the localhost where kadmin is running(which
is also the kdc server), ext works automagically
appending newly extracted keys to my /etc/krb5.keytab.
But for other host that have existing keytabs, for a
single keytab, e.g; ldap/myhost.com, I do it like this
ext --keytab=/tmp/gwenever.keytab
ldap/gwenever.com@myrealm

and then scp /tmp/gwenever.keytab to the etc of that
host(gwenever). But one time, I needed to have two
keytabs on that host(gwenever), one is the
host/gwenever and another is ldap/gwenever keytab, for
use with ldap client, and gssapi ssh login.
What I did was the delete gwenever's existing keytab
that contains only host/gwenever and then on the kdc..
I launched kadmin and did:
ext --keytab=/tmp/gwenever.keytab host/gwenever
then
ext --keytab=/tmp/gwenever.keytab ldap/gwenever

and finally scp'd it to gwenever.

When I typed ktutil list on gwenever, both needed
keytabs appeared.

Question, is there any less stupid way of doing this,
instead of just deleting the old keytab, sort of just
appending only. :)

Thanks!


		
____________________________________________________
Sell on Yahoo! Auctions – no fees. Bid on great items.  
http://auctions.yahoo.com/