[OpenAFS] Quick assist - admin principal (krb5 KDC)
Jeff Blaine
jblaine@kickflop.net
Mon, 01 Jun 2009 16:44:58 -0400
We're still using kaserver for now, but I noticed the other
day that I did not know the password for our krb5 'admin'
principal, so eventually this needs to be fixed.
We use admin/admin for KDC administration, which doesn't
work for privileged AFS ops.
The current entry is as such, questions following:
Principal: admin@RCF.FOO.COM
Expiration date: Wed Dec 30 19:00:00 EST 2037
Last password change: [never]
Password expiration date: [none]
Maximum ticket life: 1 days 00:00:00
Maximum renewable life: 1 days 00:00:00
Last modified: Mon Feb 18 16:12:05 EST 2008 (admin@RCF.FOO.COM)
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 1
Key: vno 21, DES cbc mode with CRC-32, AFS version 3
Attributes:
Policy: [none]
1. Once kaserver is turned off, does this enctype need
to stay this way, or is this a remnant of me flailing
while setting this up back then?
2. No question, just feel free to comment on the on/off
track nature of what you see.