[OpenAFS] Odd question: KeyFile vs keytab

John Rudd jrudd@ucsc.edu
Fri, 1 Sep 2006 20:55:16 -0700

On Sep 1, 2006, at 3:05 PM, Russ Allbery wrote:

> Jeffrey Altman <jaltman@secure-endpoints.com> writes:
>> John Rudd wrote:
>>> b) is there a way to reverse the asetkey operation, effectively
>>> creating a keytab from a KeyFile?  And then I could use ktutil to
>>> convert it to a krb5 keytab, and then run the OpenAFS version of
>>> asetkey?
>> asetkey takes a Kerberos 5 key and stores it in the AFS KeyFile.
> I think that's only the second half of what John asked.  Given the 
> answer
> to (a), the answer to the first half of (b) is probably academic, but 
> for
> the record the answer is that I believe Heimdal's ktutil does support 
> this
> but I don't believe MIT's ktutil does.


And, yes, the answer to (a) gave Joe and I everything we needed (I 
don't think either of us realized we were both going to ask the same 
basic question at the same time).