kadmin ktadd question (again) or how to forward tickets with non kerberized software
sophana
sophana at free.fr
Thu Oct 23 12:12:58 EDT 2003
Hi all
I use a load balancing software called Sun Gridengine which uses its
own rsh/rshd to launch jobs.
I also recently installed AFS to replace NFS. As I found no easy way
to forward AFS tokens from the submitter to the exec machines, I
installed krb5.
The easiest solution I found is to have a keytab file per user and do
a kinit -k -t /dir/$USER.keytab. then i do aklog.
I use kadmin ktadd to create the keytab file. And it works fine: my
remote jobs can get the ticket and access afs.
But the problem is that ktadd scrambles the key, so I cannot kinit
without the keytab file.
Is there a way to create the keytab files without scrambling the key?
Or
do you know tools that outputs the tickets to the standard output
(encrypted if possible), and another (remote) one that takes the
stream and generate the ticket.
Thanks for your help
More information about the Kerberos
mailing list