[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: extracting keytabs(ext works fine but...)

To: jay alvarez <kerber0sb0y@yahoo.com>
Subject: Re: extracting keytabs(ext works fine but...)
From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
Date: Mon, 11 Jul 2005 07:46:30 -0400
Cc: heimdal-discuss@sics.se
In-Reply-To: <20050711090809.39829.qmail@web32408.mail.mud.yahoo.com>
References: <20050711090809.39829.qmail@web32408.mail.mud.yahoo.com>
Sender: owner-heimdal-discuss@sics.se

On Mon, 2005-07-11 at 02:08 -0700, jay alvarez wrote:
>   I haven't encountered this scenario before where I
> needed to add additional keytabs for other services
> that will run on a single host(not on the same host
> that kadmin(kdc) is running. If the keytabs will all
> reside in the localhost where kadmin is running(which
> is also the kdc server), ext works automagically
> appending newly extracted keys to my /etc/krb5.keytab.

If you're running kadmind on the master KDC host, you can run kadmin on
any machine and "ext" will work just as it does on the KDC.

If you prefer not running kadmind for some reason, then generate a
temporary keytab on the KDC host, scp it to the target host, and use
"ktutil copy" to append its entries to the host's existing keytab (man
ktutil).

-- 
brandon s. allbery   [linux,solaris,freebsd,perl]      allbery@kf8nh.com
system administrator      [WAY too many hats]        allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon univ.         KF8NH

Follow-Ups:
- Re: extracting keytabs(ext works fine but...)
  - From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>

References:
- extracting keytabs(ext works fine but...)
  - From: jay alvarez <kerber0sb0y@yahoo.com>

Prev by Date: extracting keytabs(ext works fine but...)
Next by Date: Re: extracting keytabs(ext works fine but...)
Prev by thread: extracting keytabs(ext works fine but...)
Next by thread: Re: extracting keytabs(ext works fine but...)
Index(es):
- Date
- Thread