kdb5_util with -mkey_convert

Mike Friedman mikef at ack.Berkeley.EDU
Mon Jun 24 12:40:49 EDT 2002

On Mon Jun 24 09:29:54 2002, Nicolas.Williams at ubsw.com said:

> By "architecture" I referring to the CPU architecture, not OS arch.


Oh, OK.  Still, the old KDC is on a Sparc Ultra-5;  the new system is an
Ultra-10.  And the new stash file I tested with this morning was created
on the Ultra-10.

As for my old stash file (corresponding to the existing db master key):  I
have no problem with it in any other respect.  Eg, normal authentication of
principals, use of kadmin from a remote system and, for that matter, starting
up the daemons in the first place.  All this works with the same db and stash
file on 1.2.5 as it did on 1.2.1.

Anyway, as I said, I'll leave this alone for now.  In fact, until I saw your
note of last May, I didn't even know about the undocumented feature (though
I've always felt there should be such a capability).


Mike Friedman                             System and Network Security
mikef at ack.Berkeley.EDU                    2484 Shattuck Avenue
1-510-642-1410                            University of California at Berkeley
http://ack.Berkeley.EDU/~mikef            http://security.berkeley.edu

More information about the Kerberos mailing list