diff options
Diffstat (limited to 'src/man/k5srvutil.1')
| -rw-r--r-- | src/man/k5srvutil.1 | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/src/man/k5srvutil.1 b/src/man/k5srvutil.1 new file mode 100644 index 0000000000..567e82a815 --- /dev/null +++ b/src/man/k5srvutil.1 @@ -0,0 +1,84 @@ +.TH "K5SRVUTIL" "1" "January 06, 2012" "0.0.1" "MIT Kerberos" +.SH NAME +k5srvutil \- host key table (keytab) manipulation utility +. +.nr rst2man-indent-level 0 +. +.de1 rstReportMargin +\\$1 \\n[an-margin] +level \\n[rst2man-indent-level] +level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] +- +\\n[rst2man-indent0] +\\n[rst2man-indent1] +\\n[rst2man-indent2] +.. +.de1 INDENT +.\" .rstReportMargin pre: +. RS \\$1 +. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] +. nr rst2man-indent-level +1 +.\" .rstReportMargin post: +.. +.de UNINDENT +. RE +.\" indent \\n[an-margin] +.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] +.nr rst2man-indent-level -1 +.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] +.in \\n[rst2man-indent\\n[rst2man-indent-level]]u +.. +.\" Man page generated from reStructeredText. +. +.SH SYNOPSIS +.sp +\fBk5srvutil\fP \fIoperation\fP [ \fB\-i\fP ] [ \fB\-f\fP \fIfilename\fP ] +.SH DESCRIPTION +.sp +\fIk5srvutil\fP allows a system manager to list or change keys currently in his keytab or to add new keys to the keytab. +.sp +Operation must be one of the following: +.INDENT 0.0 +.INDENT 3.5 +.INDENT 0.0 +.TP +.B \fBlist\fP +.sp +Lists the keys in a keytab showing version number and principal name. +.TP +.B \fBchange\fP +.sp +Changes all the keys in the keytab to new randomly\-generated keys, +updating the keys in the Kerberos server\(aqs database to match by using the kadmin protocol. +If a key\(aqs version number doesn\(aqt match the version number stored in the Kerberos server\(aqs database, +then the operation will fail. The old keys are retained so that existing tickets continue to work. +If the \fI\-i\fP flag is given, \fIk5srvutil\fP will prompt for yes or no before changing each key. +If the \fI\-k\fP option is used, the old and new keys will be displayed. +.TP +.B \fBdelold\fP +.sp +Deletes keys that are not the most recent version from the keytab. +This operation should be used some time after a change operation to remove old keys. +If the \fI\-i\fP flag is used, then the program prompts the user whether the old keys associated +with each principal should be removed. +.TP +.B \fBdelete\fP +.sp +Deletes particular keys in the keytab, interactively prompting for each key. +.UNINDENT +.UNINDENT +.UNINDENT +.sp +In all cases, the default file used is /etc/krb5.keytab file unless this is overridden by the \fB\-f\fP option. +.sp +\fIk5srvutil\fP uses the kadmin program to edit the keytab in place. +However, old keys are retained, so they are available in case of failure. +.SH SEE ALSO +.sp +kadmin(8), ktutil(8) +.SH AUTHOR +MIT +.SH COPYRIGHT +2011, MIT +.\" Generated by docutils manpage writer. +. |