diff options
author | Rob Crittenden <rcritten@redhat.com> | 2008-02-25 14:56:09 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-02-25 14:56:09 -0500 |
commit | 6d759d7dcb37427a6cc42e5553a03ce23fe00ae5 (patch) | |
tree | 14c0202c00c1fdb56376faf12ad7fd0dd3b684f3 /ipa-client/man/ipa-getkeytab.1 | |
parent | 02d3c5aff3f449f23ff7f3814b54383a3de263bc (diff) | |
download | freeipa-6d759d7dcb37427a6cc42e5553a03ce23fe00ae5.tar.gz freeipa-6d759d7dcb37427a6cc42e5553a03ce23fe00ae5.tar.xz freeipa-6d759d7dcb37427a6cc42e5553a03ce23fe00ae5.zip |
Move ipa-getkeytab man page into proper subdir
433878
Diffstat (limited to 'ipa-client/man/ipa-getkeytab.1')
-rw-r--r-- | ipa-client/man/ipa-getkeytab.1 | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/ipa-client/man/ipa-getkeytab.1 b/ipa-client/man/ipa-getkeytab.1 new file mode 100644 index 000000000..3ca1b458b --- /dev/null +++ b/ipa-client/man/ipa-getkeytab.1 @@ -0,0 +1,63 @@ +.\" A man page for ipa-getkeytab +.\" Copyright (C) 2007 Red Hat, Inc. +.\" +.\" This is free software; you can redistribute it and/or modify it under +.\" the terms of the GNU Library General Public License as published by +.\" the Free Software Foundation; version 2 only +.\" +.\" This program is distributed in the hope that it will be useful, but +.\" WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +.\" General Public License for more details. +.\" +.\" You should have received a copy of the GNU Library General Public +.\" License along with this program; if not, write to the Free Software +.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +.\" +.\" Author: Karl MacMillan <kmacmill@redhat.com> +.\" +.TH "ipa-getkeytab" "1" "Oct 10 2007" "freeipa" "" +.SH "NAME" +ipa\-getkeytab \- Get a keytab for a kerberos principal +.SH "SYNOPSIS" +ipa\-getkeytab [\fI-a\fR] \fIprincipal-name\fR \fIfile-name\fR + +.SH "DESCRIPTION" +Retrieves a kerberos \fIkeytab\fR and optionally adds a +service \fIprincipal\fR. + +Kerberos keytabs are used for services (like sshd) to +perform kerberos authentication. A keytab is a file +with one or more secrets (or keys) for a kerberos +principal. + +A kerberos service principal is a kerberos identity +that can be used for authentication. Service principals +contain the name of the service, the hostname of the +server, and the realm name. For example, the following +is an example principal for an ldap server: + + ldap/foo.example.com@EXAMPLE.COM + +When using ipa-getkeytab the realm name is already +provided, so the principal name is just the service +name and hostname (ldap/foo.example.com from the +example above). + +\fBWARNING:\fR retrieving the keytab resets the secret +rendering all other keytabs for that principal invalid. + +.SH "OPTIONS" +.TP +\fB\-a\fR +Add the service principal in addition to getting the keytab + +.SH "EXAMPLES" + +Add and retrieve a keytab for the ldap service principal on +the host foo.example.com and save it in the file ldap.keytab. + + # ipa-getkeytab -a ldap/foo.example.com ldap.keytab + +.SH "EXIT STATUS" +The exit status is 0 on success, nonzero on error. |