copying keytab file
madhuri D.J
mdj_frend at yahoo.com
Sat Jul 10 03:40:45 EDT 2004
hi kroup,
I have installed Kerberos on a linux machine.I have generated keytab file.
But on the Application server, do I need to run the ktadd utility to create the keytab entry for the host principal on the application server or do I need to copy the keytab file from KDC to the application server?
If I need to add the keytab entry for the host principal( application server), using ktadd, and if that utility is not there on the application server, is there any way to do it?
thank you
---------------------------------
Do you Yahoo!?
Yahoo! Mail - 50x more storage than other providers!!From news at ra.nrl.navy.mil Sat Jul 10 06:45:12 2004
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
[18.7.21.83])
by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i6AAjCl1018484
for <kerberos at PCH.mit.edu>; Sat, 10 Jul 2004 06:45:12 -0400 (EDT)
Received: from ra.nrl.navy.mil (ra.nrl.navy.mil [132.250.1.121])
i6AAjBsE002494
for <kerberos at MIT.EDU>; Sat, 10 Jul 2004 06:45:11 -0400 (EDT)
Received: (from news at localhost)
by ra.nrl.navy.mil (8.11.7p1+Sun/8.11.7) id i6AAVIR21547
for kerberos at MIT.EDU; Sat, 10 Jul 2004 06:31:18 -0400 (EDT)
From: mdj_frend at yahoo.com (mdj_kerberos)
X-Newsgroups: comp.protocols.kerberos
Date: 10 Jul 2004 03:31:16 -0700
Organization: http://groups.google.com
Message-ID: <2db721d6.0407100231.680b4ca7 at posting.google.com>
To: kerberos at MIT.EDU
X-Mailman-Approved-At: Sun, 11 Jul 2004 03:22:18 -0400
Subject: question on keytab file , how KDC will come to know the server key?
X-BeenThere: kerberos at mit.edu
X-Mailman-Version: 2.1
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Help: <mailto:kerberos-request at mit.edu?subject=help>
List-Post: <mailto:kerberos at mit.edu>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request at mit.edu?subject=subscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos>
List-Unsubscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request at mit.edu?subject=unsubscribe>
X-List-Received-Date: Sat, 10 Jul 2004 10:45:13 -0000
hi,
I have installed kerberos and KDC is running fine. I have added a
user with admin privilage in to KDC database.
Now, I am running kadmin remotely on the application server. I am
adding the principal as:
on the application server,
kadmin: addprinc host/localhost.localdomain
principal is added.
now:
kadmin: ktadd host/localhost.localdomain
keytab file created in /etc/krb5.keytab on the appliaction server.
I am able to get the ticket,establish the telnet connection. My
question is:
How KDC will come to know abt the application server's password? and
where it will be stored on the KDC? ofcource on application server, it
is stored in /etc/krb5.keytab
As i Know this application server password is used by the KDC to form
the
service key which is issued to the client.
thanks in advance
More information about the Kerberos
mailing list