[OpenAFS] Any way to create srvtabs for use with kaserver...
Marcus Watts
mdw@umich.edu
Thu, 28 Feb 2002 04:48:29 -0500
Eric Knudstrup <eric@knudstrup.org> writes:
> Subject: [OpenAFS] Any way to create srvtabs for use with kaserver...
> Date: Thu, 28 Feb 2002 00:55:02 -0800 (PST)
>
> without upgrading to Heimdal or MIT kdc (I have set up a system once like that
> and decided I wanted to stay with the stock kaserver)?
Sure. couple choices:
(1) use some version of ksrvutil that asks for a password, and make
sure you use the same (hopefully long random) password to make
the principal using kas.
(2) build a copy of kaserver that understands "getkey", then write
an application that calls "getkey" and saves the result in a
srvtab. Note: application must run on kdc, & this only works
with empty instances
(3) write something that rummages through the kadatabase directly.
doable, but messy.
(4) write a variation of "kpasswd" that resets the password to something
random, then saves it into a file. Generate the principal using
kas, then use your utility. The utility could also create the
principal & set a random key all in one go.
(5) use kas to set the pw to a known value. Then use the "stringtokey"
function in kas to convert that same pw to a key. Use perl to convert
the key to a srvtab.
-Marcus Watts
UM ITCS Umich Systems Group