ktadd then principal's password no longer works?

[Russ Allbery]

Shumon Huque <shuque at isc.upenn.edu> writes:

> This won't work. ktadd creates a new random key everytime it
> is invoked, thus destroying your earlier password derived
> key. The manpage says:

>      ktadd [-k keytab] [-q] [-e keysaltlist]
>           [principal | -glob princ-exp] [...]

>           Adds a principal or all principals  matching  princ-exp
>           to  a  keytab,  randomizing each principal's key in the
>           process. ...

> I don't think the MIT distro has any tool to do what you want.

ktadd -norandkey.  It's only available via kadmin.local.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>