Is there a "batchable" way to do ktutil list
Dameon Wagner
dameon.wagner at it.ox.ac.uk
Wed Apr 21 04:15:53 EDT 2021
On Wed, Apr 21 2021 at 00:56:39 -0700, Dan Mahoney (Gushi) scribbled
in "Is there a "batchable" way to do ktutil list":
> All,
>
> Dayjob has a puppet fact that, under freeBSD, uses "ktutil list" to get
> the kvno of a given host. This works great because the heimdal kerberos
> that's built into freeBSD is what we like to parse. It takes a -k
> argument to specify a keytab file.
>
> Linux is another story. Under ubuntu, the mit version of ktutil gets
> installed, and I can't figure out how to script it easily. There are no
> documented ways to pass an arg, or even to print the version. (We can
> glean it by looking at installed packages).
>
> Is there another command that is more script-friendly? If not, can
> someone share a good way to pass args to the MIT ktutil?
If you want the "true" kvno value, from a KDC, then the `kvno` tool
will return the results you want.
I you want the kvno values from within a keytab, like ktutil would
provide, then I'd look at the `k5srvutil` tool, which will take
subcommands and arguments for passing in the path to a keytab.
Cheers.
Dameon.
--
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><
Dr. Dameon Wagner, Unix Platform Services
IT Services, University of Oxford
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><
More information about the Kerberos
mailing list