Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

kdb_util(8krb) [ultrix man page]

kdb_util(8krb)															    kdb_util(8krb)

       kdb_util - Kerberos database utility

       /var/dss/kerberos/bin/kdb_util operation filename [ database ]

		Function to perform on the database. The operation argument must be one of the following values:

		load   Converts the database in file filename, to format and overwrites the database specified.

		dump   Converts the database into form, and writes the result to file, filename.

		       Performs  the same function as dump, and creates the file when finished.  The is used by to determine if a slave_dump is in
		       progress, or if it did not complete successfully.

		       Prompts you for the old key of the Kerberos database as well as a new master key.  It converts  the  database  into  format
		       and,  at the same time, decrypts those sections of the database encrypted with the old master key and re-encrypts them with
		       the new master key.  The result is written to the file, filename.

       filename The name of the source file for the load operation or the destination file for the  operations:  dump,	slave_dump,  and  new_mas-

       database The name of the database.  If the argument is not included, the Kerberos database is stored in files and by default.

       The  command  allows  the Kerberos administrator to perform several functions on the entire Kerberos database of a master or slave Kerberos
       server in one operation.  The database argument specifies the name of the Kerberos database.  The Kerberos database utility reads from  and
       writes to the Kerberos database and, in addition, it reads from and writes to a file in format:	 filename.  A file is an ASCII representa-
       tion of a Kerberos database.  The functions that can be specified by the operation argument are listed in the Arguments section.

       Whenever the Kerberos database is changed by the modification time of is updated.  The file indicates the age of the database.

       See Also
	      krb_dbase(5krb), kdb_init(8krb), kdb_edit(8krb), kdb_destroy(8krb), kstash(8krb)


Check Out this Related Man Page

krb_dbase(5krb) 														   krb_dbase(5krb)

       krb_dbase - ASCII version of the Kerberos database

       All  of	the  Kerberos tools, including the daemon, access a version of the Kerberos database that is stored in an file.  See the reference
       page for more information.  Files in format are not user readable.  To examine the Kerberos database, it is necessary to convert the  data-
       base into an ASCII-formatted file with A file in format is an ASCII-formatted version of the Kerberos database.

       Each  line  in  a  file	lists the attributes associated with a single Kerberos principal.  The following list describes the fields as they
       appear from left to right in a file.  A blank entry in the database is indicated by an asterisk (*).

       Kerberos primary name: The primary name is the first part of the principal name that the line describes.  It is usually equivalent  to  the
       name of the application or user that is associated with	   the principal.

       Kerberos instance name: The instance name is the second section of the principal name that the line describes.  It is usually equivalent to
       the name of the machine on which an application runs.  If the primary name references a user, the instance name is blank.

       Maximum ticket lifetime: The third entry is the maximum lifetime of a ticket produced for the principal	by  the  ticket-granting  service.
       The number stored in the file indicates the number of 5-minute intervals for which the ticket is valid.	For example, if the maximum ticket
       lifetime of a principal is 10, any ticket that the principal acquires from the ticket-granting service will expire in a maximum of 50  min-
       utes.  The maximum ticket lifetime corresponds to a value of 255 (21 hours and 15 minutes).

       Kerberos  database  key version: The master key of the Kerberos database is used to encrypt sections of the Kerberos database.  This master
       key can be changed.  The fourth entry is the version number associated with the master key of the Kerberos database.

       Principal key version: The key associated with the principal can also change.  The fifth field records the version number of the key  asso-
       ciated with the principal.

       Attributes: The attributes field is not currently used by the ULTRIX implementation of Kerberos.  It should always be zero.

       Key of the principal: The key of the principal is stored in the seventh and eighth fields.  It is encrypted with the master database key.

       Expiration time: The date on which the principal's entry in the Kerberos database will expire is stored in the ninth field.  The first four
       digits of the date indicate the year in which the entry will expire. The next two digits indicate the month, the seventh and eighth  digits
       indicate  the day, and the last four digits indicate the hour and minute at which the entry will expire.  For example, an entry of the form
       198909171755 indicates that the principal's entry will expire on September 17, 1989 at 5:55 in the afternoon.

       Modification time: The modification field stores the date on which the principal's entry in the Kerberos database was last changed.  It	is
       stored in the same format as the expiration time.

       Modifier's  name:  The  eleventh field stores the name of the utility that last modified the principal's entry.	Only and a blank entry are
       possible in the modifier's name field.  A blank entry indicates that the field was added by A modifier name  field  that  states  that  the
       entry was produced by indicates that the entry was added by when the database was created.

       Modifier's  instance:  The  twelfth  field  indicates  the instance of the utility that last modified the principal's entry.  This field is
       always blank.

       The following is an example of an entry form of a file for host,
       kprop cactus 255 2 1 0 8f68f19 a941c6d 200001010459 198909171755 * *

See Also
       ndbm(3), kdb_init(8krb), kdb_edit(8krb), kdb_destroy(8krb), kdb_util(8krb)

Man Page