Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.5. There's a lot of stuff in the krb5.conf and kdc.conf files. What does it all mean, and what do I really need? Next Document: 2.7. How do I set up slave servers? See reader questions & answers on this topic! - Help others by sharing your knowledge In Kerberos 5 .. you don't :-) It is possible for you to change the master key using the kadmin. However, the master key is also probably stored in a stash file (depending on your site) and is used to encrypt all of the entries in the database. If you change the master key with kadmin, you won't change it in the stash file or reencrypt all of the entries in the database. Note that there are no technical obstacles in doing this; Kerberos 4 provided a command to change the master key, and it did all of the right things. However, no one has implemented this functionality (yet) for Kerberos 5. User Contributions:Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.5. There's a lot of stuff in the krb5.conf and kdc.conf files. What does it all mean, and what do I really need? Next Document: 2.7. How do I set up slave servers? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: