[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ktutil and afs-KeyFile

To: heimdal-discuss@sics.se, Ronny Blomme <Ronny.Blomme@elis.ugent.be>
Subject: Re: ktutil and afs-KeyFile
From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
Date: Thu, 10 May 2007 15:11:21 -0400
In-Reply-To: <200705102051.31858.Ronny.Blomme@elis.ugent.be>
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
References: <200705102051.31858.Ronny.Blomme@elis.ugent.be>
Reply-To: heimdal-discuss@sics.se, "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>


On May 10, 2007, at 14:51 , Ronny Blomme wrote:

> I want to check if the KeyFile realy contains the key for
> afs@REALM.ELIS.UGENT.BE:
>
> # ktutil copy AFSKEYFILE:/usr/afs/etc/KeyFile FILE:/tmp/afs.keytab
> # ktutil -k /tmp/afs.keytab list
> /tmp/afs.keytab:
> Vno  Type         Principal
>   1  des-cbc-md5  afs/elis.ugent.be@ELIS.UGENT.BE
>
> This is the wrong principal!

The KeyFile doesn't actually store a principal; it stores raw keys,  
indexed by kvno.  ktutil fakes a standard principal name for display.

-- 
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH

Follow-Ups:
- Re: ktutil and afs-KeyFile
  - From: Ronny Blomme <Ronny.Blomme@elis.ugent.be>

References:
- ktutil and afs-KeyFile
  - From: Ronny Blomme <Ronny.Blomme@elis.ugent.be>

Prev by Date: ktutil and afs-KeyFile
Next by Date: AFS and Kerberos workshop 2007 (SLAC)
Prev by thread: ktutil and afs-KeyFile
Next by thread: Re: ktutil and afs-KeyFile
Index(es):
- Date
- Thread