OSF DCE Administration Guide--Core Components
Creating and Maintaining Accounts
__________________________________________________________________
Option Meaning
__________________________________________________________________
__________________________________________________________________
31.6.2.1 Creating a Keytab File
Use the keytab create command to create keytab files, entries in the files, and the
corresponding dced object. When you use this command, you must supply the
pathname of the dced object to be created as an argument, the storage option to specify
the keytab’s local, the data option to specify the name of the server principal and the
keys, and any of the appropriate options listed in Table 31-2.
This data option is in the form
principal_name key_type {version}{key_value}
where:
principal_name Is the name of the server principal for which the keytab file is being
created.
key_type Is a code that specifies whether the key is stored in plain text or in
DES encrypted format:
• des indicates DES encryption.
• plain indicates plain text.
version Is the key’s version number. If you supply no version number, the
key is assigned a number of 1.
key_value Unless you specified the -random option to randomly generate
keys, you must supply a key value. If key_type is plain, you supply
the plain text key. If key_type is des, you must supply a DES
encrypted key.
The following sample command performs these tasks:
• Creates the dced keytab object /.:/hosts/music/config/keytab/svr4_key
• Creates the keytab file named /opt/dcelocal/keys/svr4_key in the keys directory on
the local machine named music
• Creates an plain text key entry in the file for principal mahler and assigns it a
version number of 3.
dcecp> keytab create /.:/hosts/music/config/keytab/svr4_key -attr \
{{storage /opt/dcelocal/keys/svr4_key} \
{data {mahler plain 3 mon#Repos}}
124243 Tandem Computers Incorporated 31− 17