Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

kdb_util(8krb)

kstash(8krb)

kdb_edit(8krb)

kdb_destroy(8krb)

kdb_init(8krb)

Name

kdb_init − initialize the Kerberos master database

Syntax

/var/dss/kerberos/bin/kdb_init [ realm-name ] [ database-name ]

Arguments

realm-name The realm of the Kerberos database. 

database-name A database specified so that the current /var/dss/kerberos/dbase/principal.pag, /var/dss/kerberos/dbase/principal.dir, and /var/dss/kerberos/dbase/principal.ok files are not overwritten.

Description

The kdb_init utility creates and initializes the Kerberos master database. The utility creates the database files: /var/dss/kerberos/dbase/principal.dir, /var/dss/kerberos/dbase/principal.pag, and /var/dss/kerberos/dbase/principal.ok. It also initializes the database by adding three database entries: the master database principal, a Kerberos default principal, the ticket-granting service principal ( krbtkt), and the password changing principal, changepw.

The master database principal is the entry to the database itself.  You cannot use or modify the database without the master database password.  The Kerberos default principal provides a template for service principals. 

The ticket-granting service, krbtkt, is used by Kerberos principals to obtain tickets to communicate with other Kerberos principals. The password-changing principal is not used.

If realm-name is omitted when you enter the command, kdb_init prompts for it. The program also prompts for the master database key. You cannot manipulate the database without this key.

By using database-name, you can create another database to prevent the current principal.dir, principal.pag, and principal.ok files from being overwritten.

After using kdb_init to set up the master database, you may want to use the kstash(8krb) utility to hide the master database password on the database host machine. This enables Kerberos administration programs to access and manipulate the master database, without needing the password to be entered manually.

Files

/var/dss/kerberos/dbase/principal.pag

/var/dss/kerberos/dbase/principal.dir

/var/dss/kerberos/dbase/principal.ok

See Also

kdb_util(8krb), kstash(8krb), kdb_edit(8krb), kdb_destroy(8krb)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026