kdb_util(8krb) [ultrix man page]
kdb_util(8krb) kdb_util(8krb) Name kdb_util - Kerberos database utility Syntax /var/dss/kerberos/bin/kdb_util operation filename [ database ] Arguments operation Function to perform on the database. The operation argument must be one of the following values: load Converts the database in file filename, to format and overwrites the database specified. dump Converts the database into form, and writes the result to file, filename. slave_dump Performs the same function as dump, and creates the file when finished. The is used by to determine if a slave_dump is in progress, or if it did not complete successfully. new_master_key Prompts you for the old key of the Kerberos database as well as a new master key. It converts the database into format and, at the same time, decrypts those sections of the database encrypted with the old master key and re-encrypts them with the new master key. The result is written to the file, filename. filename The name of the source file for the load operation or the destination file for the operations: dump, slave_dump, and new_mas- ter_key. database The name of the database. If the argument is not included, the Kerberos database is stored in files and by default. Description The command allows the Kerberos administrator to perform several functions on the entire Kerberos database of a master or slave Kerberos server in one operation. The database argument specifies the name of the Kerberos database. The Kerberos database utility reads from and writes to the Kerberos database and, in addition, it reads from and writes to a file in format: filename. A file is an ASCII representa- tion of a Kerberos database. The functions that can be specified by the operation argument are listed in the Arguments section. Whenever the Kerberos database is changed by the modification time of is updated. The file indicates the age of the database. Files See Also krb_dbase(5krb), kdb_init(8krb), kdb_edit(8krb), kdb_destroy(8krb), kstash(8krb) kdb_util(8krb)
Check Out this Related Man Page
krb_dbase(5krb) krb_dbase(5krb) Name krb_dbase - ASCII version of the Kerberos database Description All of the Kerberos tools, including the daemon, access a version of the Kerberos database that is stored in an file. See the reference page for more information. Files in format are not user readable. To examine the Kerberos database, it is necessary to convert the data- base into an ASCII-formatted file with A file in format is an ASCII-formatted version of the Kerberos database. Each line in a file lists the attributes associated with a single Kerberos principal. The following list describes the fields as they appear from left to right in a file. A blank entry in the database is indicated by an asterisk (*). Kerberos primary name: The primary name is the first part of the principal name that the line describes. It is usually equivalent to the name of the application or user that is associated with the principal. Kerberos instance name: The instance name is the second section of the principal name that the line describes. It is usually equivalent to the name of the machine on which an application runs. If the primary name references a user, the instance name is blank. Maximum ticket lifetime: The third entry is the maximum lifetime of a ticket produced for the principal by the ticket-granting service. The number stored in the file indicates the number of 5-minute intervals for which the ticket is valid. For example, if the maximum ticket lifetime of a principal is 10, any ticket that the principal acquires from the ticket-granting service will expire in a maximum of 50 min- utes. The maximum ticket lifetime corresponds to a value of 255 (21 hours and 15 minutes). Kerberos database key version: The master key of the Kerberos database is used to encrypt sections of the Kerberos database. This master key can be changed. The fourth entry is the version number associated with the master key of the Kerberos database. Principal key version: The key associated with the principal can also change. The fifth field records the version number of the key asso- ciated with the principal. Attributes: The attributes field is not currently used by the ULTRIX implementation of Kerberos. It should always be zero. Key of the principal: The key of the principal is stored in the seventh and eighth fields. It is encrypted with the master database key. Expiration time: The date on which the principal's entry in the Kerberos database will expire is stored in the ninth field. The first four digits of the date indicate the year in which the entry will expire. The next two digits indicate the month, the seventh and eighth digits indicate the day, and the last four digits indicate the hour and minute at which the entry will expire. For example, an entry of the form 198909171755 indicates that the principal's entry will expire on September 17, 1989 at 5:55 in the afternoon. Modification time: The modification field stores the date on which the principal's entry in the Kerberos database was last changed. It is stored in the same format as the expiration time. Modifier's name: The eleventh field stores the name of the utility that last modified the principal's entry. Only and a blank entry are possible in the modifier's name field. A blank entry indicates that the field was added by A modifier name field that states that the entry was produced by indicates that the entry was added by when the database was created. Modifier's instance: The twelfth field indicates the instance of the utility that last modified the principal's entry. This field is always blank. Examples The following is an example of an entry form of a file for host, kprop cactus 255 2 1 0 8f68f19 a941c6d 200001010459 198909171755 * * Files See Also ndbm(3), kdb_init(8krb), kdb_edit(8krb), kdb_destroy(8krb), kdb_util(8krb) krb_dbase(5krb)