[OpenAFS] Kerberos 5 Master key.
Daniel Swärd
excds@kth.se
30 Sep 2002 19:55:38 +0200
On Mon, 2002-09-30 at 17:16, Derek Atkins wrote:
> Daniel Swärd <excds@kth.se> writes:
>
> > On Mon, 2002-09-30 at 16:55, Derek Atkins wrote:
> > > Did you want to change the key or change the name? Changing the key
> > > is relatively easy. Changing the Master Key can be done online
> > > (although everyone needs to 'kinit' after you do this). Changing the
> > > AFS key can be done by just extracting a new keytab from the kasmin
> > > interface, and then running asetkey to install the new key.
> >
> > Not the name, changing the master key/password is what I want to do.
> >
> > How do I then change both master key and the AFS key?
>
> You can just change the master key like you would any other key.
> The major problem with changing the master key is that all
> outstanding TGTs will immediately become invalid.
What's the syntax? Is it just to use "kdb5_util stash" ?
> > (The reason I want to change it is that I can't remember what the
> > password was. Might as well be foobar :-)) ... )
>
> Fair enough.
This incident _should_ teach me proper documentation practice, but who
knows? :)
/Daniel