diff options
| author | Alex Dehnert <adehnert@mit.edu> | 2013-03-08 23:48:33 -0500 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2013-03-11 14:34:17 -0400 |
| commit | 4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb (patch) | |
| tree | 4285c2f1ee344f1f886e3503696c316976ddf197 /doc | |
| parent | ec217570e20d4702be2830235bad56184d47b1d2 (diff) | |
| download | krb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.tar.gz krb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.tar.xz krb5-4b7517731a0bf1026ff5a9a6eb1cc16b52f6debb.zip | |
Add support for k5srvutil -e keysalts
k5srvutil is a little more convenient to use for rolling keys than
kadmin is. When migrating off 1DES, though, it may be desirable to
explicitly specify the desired keysalts. This adds an option, -e, to
k5srvutil to specify desired keysalts.
[ghudson@mit.edu: style fix; make whitespace in keysalt list work]
ticket: 7589 (new)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/admin/admin_commands/k5srvutil.rst | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/admin/admin_commands/k5srvutil.rst b/doc/admin/admin_commands/k5srvutil.rst index 493c176531..0e30a8ea2a 100644 --- a/doc/admin/admin_commands/k5srvutil.rst +++ b/doc/admin/admin_commands/k5srvutil.rst @@ -9,6 +9,7 @@ SYNOPSIS **k5srvutil** *operation* [**-i**] [**-f** *filename*] +[**-e** *keysalts*] DESCRIPTION ----------- @@ -31,7 +32,9 @@ a keytab or to add new keys to the keytab. existing tickets continue to work. If the **-i** flag is given, k5srvutil will prompt for confirmation before changing each key. If the **-k** option is given, the old and new keys will be - displayed. + displayed. Ordinarily, keys will be generated with the default + encryption types and key salts. This can be overridden with the + **-e** option. **delold** Deletes keys that are not the most recent version from the keytab. |