Pierre-Yves Chibon 8dc5f17b3c Add doc on how to create a keytab

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>

2021-03-30 10:12:13 +02:00

810 B

Raw Permalink Blame History

How to create a keytab for an user?

First obtain Kerberos ticket with kinit:

$ kinit myusername@FEDORAPROJECT.ORG
Password for myusername@FEDORAPROJECT.ORG:

Then obtain kvno value:

$ kvno myusername@FEDORAPROJECT.ORG
myusername@FEDORAPROJECT.ORG: kvno = 42

Ticket is no longer needed and can be destroyed:

$ kdestroy -p myusername@FEDORAPROJECT.ORG

Generate keytab and write it to disk:

$ ktutil
ktutil:  addent -password -p myusername@FEDORAPROJECT.ORG -k 42 -f
Password for myusername@FEDORAPROJECT.ORG:
ktutil:  wkt /tmp/kt/fedora
ktutil:  q

Done. You can now use the keytab to obtain the ticket without typing password:

$ kinit -kt /tmp/kt/fedora myusername@FEDORAPROJECT.ORG

(source: https://pagure.io/fedora-infrastructure/issue/9544#comment-706949)

810 B Raw Permalink Blame History

How to create a keytab for an user?

810 B

Raw Permalink Blame History