Search all pages
Professions, Sciences, Humanities, Business, ...
Text-based, GUI, Audio, Video, Keyboards, Mouse, Images,...
Conversions, tests, processing, manipulation,...
Integer, Floating point, Matrix, Statistics, Boolean, ...
Algorithms, Memory, Process control, Debugging, ...
Data storage, Integrity, Encryption, Compression, ...
Networks, protocols, Interprocess, Remote, Client Server, ...
Timing, Calendar and Clock, Audio, Video, Printer, Controls...
Management, Filtering, File & Directory access, Viewers, ...
RocketLink!--> Man page versions:
ksrvutil - host kerberos keyfile (srvtab) manipulation
ksrvutil operation [ -k ] [ -i ] [ -a ] [ -f filename ]
ksrvutil allows a system manager to list or change keys
currently in his keyfile or to add new keys to the key-
Operation must be one of the following:
list lists the keys in a keyfile showing version num-
ber and principal name. If the -k option is
given, keys will also be shown.
change changes all the keys in the keyfile by using the
regular admin protocol. If the -i flag is
given, ksrvutil will prompt for yes or no before
changing each key. If the -k option is used,
the old and new keys will be displayed.
add allows the user to add a key. add prompts for
name, instance, realm, and key version number,
asks for confirmation, and then asks for a pass-
word. ksrvutil then converts the password to a
key and appends the keyfile with the new infor-
mation. If the -k option is used, the key is
In all cases, the default file used is KEY_FILE as defined
in krb.h unless this is overridden by the -f option.
A good use for ksrvutil would be for adding keys to a key-
file. A system manager could ask a kerberos administrator
to create a new service key with kadmin(8) and could sup-
ply an initial password. Then, he could use ksrvutil to
add the key to the keyfile and then to change the key so
that it will be random and unknown to either the system
manager or the kerberos administrator.
If the -a option is given, ksrvutil uses the AFS string-
to-key function. Use this if you are running an AFS
ksrvutil always makes a backup copy of the keyfile before
making any changes.
MIT Project Athena Kerberos Version 4.0 1
If ksrvutil should exit on an error condition at any time
during a change or add, a copy of the original keyfile can
be found in filename.old where filename is the name of the
keyfile, and a copy of the file with all new keys changed
or added so far can be found in filename.work. The origi-
nal keyfile is left unmodified until the program exits at
which point it is removed and replaced it with the work-
file. Appending the workfile to the backup copy and
replacing the keyfile with the result should always give a
usable keyfile, although the resulting keyfile will have
some out of date keys in it.
Emanuel Jay Berkenbilt, MIT Project Athena
MIT Project Athena Kerberos Version 4.0 2
Source: OpenBSD 2.6 man pages. Copyright: Portions are copyrighted by BERKELEY
SOFTWARE DESIGN, INC., The Regents of the University of California, Massachusetts
Institute of Technology, Free Software Foundation, FreeBSD Inc., and others.
(Corrections, notes, and links courtesy of RocketAware.com)
FreeBSD Sources for ksrvutil(8)
OpenBSD sources for ksrvutil(8)
Up to: Kerberos authentication
RocketLink!--> Man page versions:
Search | About | Comments | Submit Path: RocketAware > man pages >
RocketAware.com is a service of Mib Software
Copyright 1999, Forrest J. Cavalier III. All Rights Reserved.
We welcome submissions and comments