[OpenAFS] Odd question: KeyFile vs keytab
John Rudd
jrudd@ucsc.edu
Fri, 1 Sep 2006 14:23:58 -0700
So, we have KeyFiles on our old Transarc AFS DB servers. We don't have
keytabs to match those KeyFiles.
a) will the Transarc KeyFiles work directly on OpenAFS DB servers? (no
need to change the KeyFiles nor KDC stored principles, just copy the
KeyFiles over?) My doubt here is that the KeyFiles are Transarc based,
and thus krb4 based ... whereas my expectation is that the OpenAFS
KeyFiles are krb5 based...
b) is there a way to reverse the asetkey operation, effectively
creating a keytab from a KeyFile? And then I could use ktutil to
convert it to a krb5 keytab, and then run the OpenAFS version of
asetkey?