03-18-2010
Kerberos: Keylist is lost after exiting ktutil
Hi All,
I am able to read a keytab using ktutil and doing a "list" shows the keylist. But once I exit the ktutil tool and then again invoke ktutil and do a "list", the keylist is not shown.
Any ideas why this is happening ?
9 More Discussions You Might Find Interesting
1. Cybersecurity
I have installed Kerberos security in my UNIX system but I need to disable because of an application conflict with Kerberos.
So Anybody ca tell me how can I disable it?
Thank you (1 Reply)
Discussion started by: dansanmex
1 Replies
2. Programming
how can i exit in a c program i have tried
system ("exit");
but this doesnt seem to work
just wondered if you could help. (3 Replies)
Discussion started by: ruffenator
3 Replies
3. Solaris
i m new 2 unix world
can some body explain me abt kerberos
pls explain in detail..! (2 Replies)
Discussion started by: sriram.s
2 Replies
4. Filesystems, Disks and Memory
First time so excuse my ignorance please.
I may not be accurately describing the issue.
I have inherited a small lab mostly SUN V120s.
We lost power and are trying to recover.
Nope no backups...
The primary issue I have is 1 box is an Oracle Server.
It has 2 36Gb harddrives.
I am able to... (3 Replies)
Discussion started by: murphsr
3 Replies
5. AIX
I have 2 servers (lft1 and lft3) running AIX 5.3 ML 5. Both are installed with krb5.client.rte 1.4.0.4 and openssh.base.server 4.3.0.5300.
I have configured some of the users on both servers to authenticate against our Windows 2003 Active Directory. From my PC, I can use telnet to login... (1 Reply)
Discussion started by: asch337
1 Replies
6. AIX
I was wondering if any of you have used NFS4 with KERBEROS in a HACMP setup and environment with more than 1 resourcegroup that has NFS mount in them.
I Configures the host keys for an Network File System (NFS) server I get stuck with the nfshostkey
I can only add one at a time per system so... (0 Replies)
Discussion started by: ravager
0 Replies
7. Programming
I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api.
Can anyone point me in the right... (0 Replies)
Discussion started by: mshindo
0 Replies
8. Shell Programming and Scripting
I have a script abc.sh. Its contents are as follows: (7 Replies)
Discussion started by: lassimanji
7 Replies
9. OS X (Apple)
Our Network Security folks have mandated that we "Kerberize" our systems to allow them to perform an authenticated scan. This consists of instructions to change /etc/pam.d/sshd from:
# sshd: auth account password session
auth optional pam_krb5.so use_kcminit
auth optional ... (0 Replies)
Discussion started by: jnojr
0 Replies
LEARN ABOUT DEBIAN
ktutil
KTUTIL(8) BSD System Manager's Manual KTUTIL(8)
NAME
ktutil -- manage Kerberos keytabs
SYNOPSIS
ktutil [-k keytab | --keytab=keytab] [-v | --verbose] [--version] [-h | --help] command [args]
DESCRIPTION
ktutil is a program for managing keytabs. Supported options:
-v, --verbose
Verbose output.
command can be one of the following:
add [-p principal] [--principal=principal] [-V kvno] [--kvno=kvno] [-e enctype] [--enctype=enctype] [-w password] [--password=password] [-r]
[--random] [-s] [--no-salt] [-H] [--hex]
Adds a key to the keytab. Options that are not specified will be prompted for. This requires that you know the password or the
hex key of the principal to add; if what you really want is to add a new principal to the keytab, you should consider the get
command, which talks to the kadmin server.
change [-r realm] [--realm=realm] [--a host] [--admin-server=host] [--s port] [--server-port=port]
Update one or several keys to new versions. By default, use the admin server for the realm of a keytab entry. Otherwise it will
use the values specified by the options.
If no principals are given, all the ones in the keytab are updated.
copy keytab-src keytab-dest
Copies all the entries from keytab-src to keytab-dest.
get [-p admin principal] [--principal=admin principal] [-e enctype] [--enctypes=enctype] [-r realm] [--realm=realm] [-a admin server]
[--admin-server=admin server] [-s server port] [--server-port=server port] principal ...
For each principal, generate a new key for it (creating it if it doesn't already exist), and put that key in the keytab.
If no realm is specified, the realm to operate on is taken from the first principal.
list [--keys] [--timestamp]
List the keys stored in the keytab.
remove [-p principal] [--principal=principal] [-V -kvno] [--kvno=kvno] [-e -enctype] [--enctype=enctype]
Removes the specified key or keys. Not specifying a kvno removes keys with any version number. Not specifying an enctype removes
keys of any type.
rename from-principal to-principal
Renames all entries in the keytab that match the from-principal to to-principal.
purge [--age=age]
Removes all old versions of a key for which there is a newer version that is at least age (default one week) old.
SEE ALSO
kadmin(8)
HEIMDAL
April 14, 2005 HEIMDAL