[OpenAFS] Odd question: KeyFile vs keytab
John Rudd
jrudd@ucsc.edu
Fri, 1 Sep 2006 20:55:16 -0700
On Sep 1, 2006, at 3:05 PM, Russ Allbery wrote:
> Jeffrey Altman <jaltman@secure-endpoints.com> writes:
>> John Rudd wrote:
>
>>> b) is there a way to reverse the asetkey operation, effectively
>>> creating a keytab from a KeyFile? And then I could use ktutil to
>>> convert it to a krb5 keytab, and then run the OpenAFS version of
>>> asetkey?
>
>> asetkey takes a Kerberos 5 key and stores it in the AFS KeyFile.
>
> I think that's only the second half of what John asked. Given the
> answer
> to (a), the answer to the first half of (b) is probably academic, but
> for
> the record the answer is that I believe Heimdal's ktutil does support
> this
> but I don't believe MIT's ktutil does.
>
Thanks.
And, yes, the answer to (a) gave Joe and I everything we needed (I
don't think either of us realized we were both going to ask the same
basic question at the same time).