Contents

On-line Guides
All Guides
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems

How To Guides
Xen Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions

 

 

Node:Extract Host Keytabs for the KDCs, Next:, Previous:Create Host Keys for the Slave KDCs, Up:Install the Slave KDCs


Extract Host Keytabs for the KDCs

Each KDC (including the master) needs a keytab to decrypt tickets. Ideally, you should extract each keytab locally on its own KDC. If this is not feasible, you should use an encrypted session to send them across the network. To extract a keytab on a KDC called kerberos.mit.edu, you would execute the following command: 

     kadmin: ktadd host/kerberos.mit.edu
     kadmin: Entry for principal host/kerberos.mit.edu@ATHENA.MIT.EDU with
          kvno 1, encryption type DES-CBC-CRC added to keytab
          WRFILE:/etc/krb5.keytab.
     kadmin:

Note that the principal must exist in the Kerberos database in order to extract the keytab.


 
 
  © 1985-2006 by the Massachusetts Institute of Technology - Reproduced with permission. Design by Interspire