diff --git a/create_keytab.md b/create_keytab.md new file mode 100644 index 0000000..2b40c6c --- /dev/null +++ b/create_keytab.md @@ -0,0 +1,40 @@ +# How to create a keytab for an user? + +First obtain Kerberos ticket with kinit: + +``` +$ kinit myusername@FEDORAPROJECT.ORG +Password for myusername@FEDORAPROJECT.ORG: +``` + +Then obtain kvno value: + +``` +$ kvno myusername@FEDORAPROJECT.ORG +myusername@FEDORAPROJECT.ORG: kvno = 42 +``` + +Ticket is no longer needed and can be destroyed: + +``` +$ kdestroy -p myusername@FEDORAPROJECT.ORG +``` + +Generate keytab and write it to disk: + +``` +$ ktutil +ktutil: addent -password -p myusername@FEDORAPROJECT.ORG -k 42 -f +Password for myusername@FEDORAPROJECT.ORG: +ktutil: wkt /tmp/kt/fedora +ktutil: q +``` + +Done. You can now use the keytab to obtain the ticket without typing password: + +``` +$ kinit -kt /tmp/kt/fedora myusername@FEDORAPROJECT.ORG +``` + + +(source: https://pagure.io/fedora-infrastructure/issue/9544#comment-706949)
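Review bot: The `wkt /tmp/kt/fedora` step in the ktutil session writes the keytab under /tmp, and the document never says to create that directory or restrict access to it. The closing step shows the keytab obtaining a ticket without the password, so the file is password-equivalent and the how-to should say so. Suggest writing it to a directory only the user can access (for example one under the home directory, mode 0700) and adding a step after `wkt` that confirms the keytab is mode 0600. It would also help to state that the `-k 42` in the `addent` line is the value printed by the preceding `kvno` step, not a literal to copy. Minor: the title should read "a user", not "an user".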