diff options
Diffstat (limited to 'kerberosIV/ksrvutil/ksrvutil.8')
| -rw-r--r-- | kerberosIV/ksrvutil/ksrvutil.8 | 124 |
1 files changed, 0 insertions, 124 deletions
diff --git a/kerberosIV/ksrvutil/ksrvutil.8 b/kerberosIV/ksrvutil/ksrvutil.8 deleted file mode 100644 index 65227821d84..00000000000 --- a/kerberosIV/ksrvutil/ksrvutil.8 +++ /dev/null @@ -1,124 +0,0 @@ -.\" -.\" This source code is no longer held under any constraint of USA -.\" `cryptographic laws' since it was exported legally. The cryptographic -.\" functions were removed from the code and a "Bones" distribution was -.\" made. A Commodity Jurisdiction Request #012-94 was filed with the -.\" USA State Department, who handed it to the Commerce department. The -.\" code was determined to fall under General License GTDA under ECCN 5D96G, -.\" and hence exportable. The cryptographic interfaces were re-added by Eric -.\" Young, and then KTH proceeded to maintain the code in the free world. -.\" -.\"Copyright (C) 1989 by the Massachusetts Institute of Technology -.\" -.\"Export of this software from the United States of America is assumed -.\"to require a specific license from the United States Government. -.\"It is the responsibility of any person or organization contemplating -.\"export to obtain such a license before exporting. -.\" -.\"WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -.\"distribute this software and its documentation for any purpose and -.\"without fee is hereby granted, provided that the above copyright -.\"notice appear in all copies and that both that copyright notice and -.\"this permission notice appear in supporting documentation, and that -.\"the name of M.I.T. not be used in advertising or publicity pertaining -.\"to distribution of the software without specific, written prior -.\"permission. M.I.T. makes no representations about the suitability of -.\"this software for any purpose. It is provided "as is" without express -.\"or implied warranty. -.\" -.\" $OpenBSD: ksrvutil.8,v 1.5 1998/02/25 15:51:51 art Exp $ -.TH KSRVUTIL 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -ksrvutil \- host kerberos keyfile (srvtab) manipulation utility -.SH SYNOPSIS -ksrvutil -.B operation -[ -.B \-k -] [ -.B \-i -] [ -.B \-a -] [ -.B \-f filename -] -.SH DESCRIPTION -.I ksrvutil -allows a system manager to list or change keys currently in his -keyfile or to add new keys to the keyfile. -.PP - -Operation must be one of the following: -.TP 10n -.I list -lists the keys in a keyfile showing version number and principal -name. If the \-k option is given, keys will also be shown. -.TP 10n -.I change -changes all the keys in the keyfile by using the regular admin -protocol. If the \-i flag is given, -.I ksrvutil -will prompt for yes or no before changing each key. If the \-k -option is used, the old and new keys will be displayed. -.TP 10n -.I add -allows the user to add a key. -.I add -prompts for name, instance, realm, and key version number, asks -for confirmation, and then asks for a password. -.I ksrvutil -then converts the password to a key and appends the keyfile with -the new information. If the \-k option is used, the key is -displayed. - -.PP -In all cases, the default file used is KEY_FILE as defined in -krb.h unless this is overridden by the \-f option. - -.PP -A good use for -.I ksrvutil -would be for adding keys to a keyfile. A system manager could -ask a kerberos administrator to create a new service key with -.IR kadmin (8) -and could supply an initial password. Then, he could use -.I ksrvutil -to add the key to the keyfile and then to change the key so that -it will be random and unknown to either the system manager or -the kerberos administrator. - -.PP -If the \-a option is given, -.I ksrvutil -uses the AFS string-to-key function. Use this if you are running -an AFS kaserver. - -.PP -.I ksrvutil -always makes a backup copy of the keyfile before making any -changes. - -.SH DIAGNOSTICS -If -.I ksrvutil -should exit on an error condition at any time during a change or -add, a copy of the -original keyfile can be found in -.IR filename .old -where -.I filename -is the name of the keyfile, and a copy of the file with all new -keys changed or added so far can be found in -.IR filename .work. -The original keyfile is left unmodified until the program exits -at which point it is removed and replaced it with the workfile. -Appending the workfile to the backup copy and replacing the -keyfile with the result should always give a usable keyfile, -although the resulting keyfile will have some out of date keys -in it. - -.SH SEE ALSO -kadmin(8), ksrvtgt(1) - -.SH AUTHOR -Emanuel Jay Berkenbilt, MIT Project Athena |