VMS Help
DCE_SECURITY, Admin Intro, rgy_edit, key_management_commands
 *Conan The Librarian (sorry for the slow response - running on an old VAX) 

   KEY MANAGEMENT SUBCOMMANDS

   The key management subcommands must be run in command-line mode.

  1 - ktadd 

   kta[dd] -p principal_name [-pw password] [-a[uto]] [-r[egistry]]
                             [-f key-file]

   Creates a password for a server or machine in the keytab file on the
   local node.

   The -p option specifies the name of the server or machine principal
   for which you are creating a password.

   The -pw option lets you supply the password on the command line.  If
   you do not enter this option or the -auto option, ktadd prompts for
   the password.

   The -a option generates the password randomly.  If you use this
   option, you must also use the -r option.  If you do not specify
   the -auto or the -pw option, you are prompted for a password.

   The -r option updates the principal's password in the registry to
   match the string you enter (or automatically generate) for the
   password in the keytab file.  Use it to ensure that the principal's
   password in the registry and the keytab file are in synch when you
   change a principal's password in the keytab file.  To use this
   option, a password for the principal must exist in the default
   keytab file or the keytab file named by the -f option.

   The -f option specifies the name of the server keytab file on the
   local node to which you are adding the password. If you do not
   specify a keytab file name, dce$local:[krb5]v5srvtab.; is used.
   Note that you must be privileged to add entries in the default
   keytab file.

  2 - ktlist 

   ktl[ist] [-p principal_name] [-f keyfile]

   Displays principal names and password version numbers in the local
   keytab file.

   The -p option specifies the name of the server or machine principal
   for which you are displaying passwords.

   The -f option specifies the name of the server keytab file on the
   local node for which you want to display entries. If you do not
   specify a keytab file name, dce$local:[krb5]v5srvtab.; is used.

  3 - ktdelete 

   ktd[elete] -p principal_name -v version_number [-f keyfile]

   Deletes a sever or machine principal's password entry from a keytab
   file.

   The -p option specifies the name of the server or machine principal
   for whom you are deleting a password entry.

   The -v option specifies the version number of the password you want
   to delete.  Version numbers are assigned to a principal's password
   whenever the principal's password is changed.  This allows any
   servers or machines still using tickets granted under the old pass-
   word to run without interruption until the ticket expires naturally.

   The -f option specifies the name of the server keytab file on the
   local node from which you want to delete passwords. If you do not
   specify a keytab file name, dce$local:[krb5]v5srvtab.; is used.
   Note that you must be privileged to delete entries in the default
   keytab file.  You must have the appropriate access rights to
   delete entries in other keytab files.
  Close     HLB-list     TLB-list     Help  

[legal] [privacy] [GNU] [policy] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.