[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ktutil and afs-KeyFile
On May 10, 2007, at 14:51 , Ronny Blomme wrote:
> I want to check if the KeyFile realy contains the key for
> afs@REALM.ELIS.UGENT.BE:
>
> # ktutil copy AFSKEYFILE:/usr/afs/etc/KeyFile FILE:/tmp/afs.keytab
> # ktutil -k /tmp/afs.keytab list
> /tmp/afs.keytab:
> Vno Type Principal
> 1 des-cbc-md5 afs/elis.ugent.be@ELIS.UGENT.BE
>
> This is the wrong principal!
The KeyFile doesn't actually store a principal; it stores raw keys,
indexed by kvno. ktutil fakes a standard principal name for display.
--
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery@kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university KF8NH