Nicolas.Williams at sun.com
Tue Aug 5 16:29:22 EDT 2008
On Tue, Aug 05, 2008 at 04:44:54AM +0000, Victor Sudakov wrote:
> Victor Sudakov wrote:
> > > There is a very useful command "ktutil get" in Heimdal. It allows to
> > > conveniently join a host into a Kerberos domain, without bothering
> > > about transferring the keytab.
> > > What is the analogous command in the Solaris Kerberos implementation?
> > No Solaris Kerberos experts here? Well, what is the analogous command
> > in MIT Kerberos?
> Am I asking something stupid? How do you securely transfer a keytab
> for the host principal to the host? "ktutil get" does just that.
kadmin(1M) is the tool to use to set principal keys and maintain keytab
files. The kadmin protocol uses RPCSEC_GSS and Kerberos for transport
If you want to move keytab files around securely then use ssh/sftp or
any other secure file transfer or remote filesystem protocol.
More information about the Kerberos