Copying keys from one KDC to another?

Greg Hudson ghudson at MIT.EDU
Thu Sep 30 10:50:56 EDT 2010


On Thu, 2010-09-30 at 10:24 -0400, Brian Candler wrote:
> Ideally I would have generated a random password on one box (e.g.
> addprinc -randkey) and then copied it to the other, and I wondered if there
> is a straightforward way to do this.

I'm not personally aware of a straightforward way to do this in MIT
krb5.

I think the necessary protocol features exist in kadmin; all that's
needed is a kadmin command to push the contents of a keytab to a
principal using the setkey RPC.





More information about the Kerberos mailing list