Creating a Keytab File
Use the keytab create command to create keytab files, entries in the files, and the corresponding dced object. When you use this command, you must supply the pathname of the dced object to be created as an argument, the storage option to specify the keytab's local, the data option to specify the name of the server principal and the keys, and any of the appropriate options listed in the following table.
This data option is in the form
principal_name key_type {version} {key_value}
where:
principal_name
Is the name of the server principal for which the keytab file is being created.
key_type
Is a code that specifies whether the key is stored in plain text or in DES encrypted format:
· des indicates DES encryption.
· plain indicates plain text.
version
Is the key's version number. If you supply no version number, the key is assigned a number of 1.
key_value
Unless you specified the -random option to randomly generate keys, you must supply a key value. If key_type is plain, you supply the plain
text key. If key_type is des, you must supply a DES encrypted key.
The following sample command performs these tasks:
· Creates the dced keytab object /.:/hosts/music/config/keytab/svr4_key
· Creates the keytab file named /opt/dcelocal/keys/svr4_key in the keys directory on the local machine named music
· Creates a plain text key entry in the file for principal mahler and assigns it a version number of 3.
dcecp> keytab create /.:/hosts/music/config/keytab/svr4_key -attr \
> {{storage /opt/dcelocal/keys/svr4_key} \
> {data {mahler plain 3 mon#Repos}}
dcecp>