is the master key cached somehow (slave side)?
Giuseppe Mazza
g.mazza at imperial.ac.uk
Wed Jun 25 10:37:21 EDT 2014
Dear All,
Do you know whether the master key is cached somehow?
I have done the thing below:
0] the main characters are
sv-u1404-02 is my kerberos master
sv-u1404 is my kerberos slave
1] on the kerberos slave:
root at sv-u1404:/etc/krb5kdc#
service krb5-admin-server stop
service krb5-kdc stop
mv stash stash.safe
2] on the kerberos master:
I have created a new principal, i.e.
kadmin: listprincs *ciao*
host/ciao.doc.ic.ac.uk at GIU.DOC.IC.AC.UK
root at sv-u1404-02:~# /usr/sbin/kprop -f ~/temp/slave_datatrans sv-u1404
Database propagation to sv-u1404: SUCCEEDED
3] back on the keberos slave:
root at sv-u1404:/etc/krb5kdc# mv stash.safe stash
(I need to do that, otherwise the daemon does not start)
root at sv-u1404:/etc/krb5kdc# service krb5-admin-server start
root at sv-u1404:/etc/krb5kdc# kadmin.local
kadmin.local: listprincs *ciao*
host/ciao.doc.ic.ac.uk at GIU.DOC.IC.AC.UK
The update of the db from my master sv-u1404-02 to my slave sv-u1404
was successful...
Is it the normal behaviour?
I thought you should have a valid stash file on place to access the
database on the slave. Maybe not?
Or there is some kind of caching?
Do you know how it works?
Thank you in advance.
All the best,
Giuseppe
More information about the Kerberos
mailing list