[OpenAFS] Manually Creating Cross Realm Users

Derrick J Brashear shadow@dementia.org
Tue, 5 Aug 2003 14:26:57 -0400 (EDT)


(Please don't CC me on your reply)

On Tue, 5 Aug 2003, Chris McClimans wrote:

> There is no way to create a openafs server keytab from a password eh?

Shouldn't be hard to write, instead of reading a key from input, read a
password and apply string_to_key to it. You should be able to steal the
code you need from klog or whatever and stick in bos.

> authority over the afs/cell. If they create the keytab and send it to
> us. They could connect

Oh, well, if what you have is actually a krb5 keytab, heimdal has a
utility (ktutil, in fact) which will read a keytab and write an AFS
KeyFile)

> Maybe I could hack the database offline? Does anyone have pointers to
> the format
> or other suggestions?

pt_util will dump it and you can edit the dump, but I'm not sure what you
mean to be doing.