KSTASH(8) System Manager’s Manual KSTASH(8)
NAME
kstash — store the KDC master password in a file
SYNOPSIS
kstash [
−e string |
−−enctype=string ] [
−k file |
−−key-file=file ]
[−−convert-file]
[−−random-key]
[−−master-key-fd=fd]
[−−random-key]
[−h | −−help]
[−−version]
DESCRIPTION
kstash reads the Kerberos master key and stores it in a file that will be used by the KDC.
Supported options:
−e string, −−enctype=string
the encryption type to use, defaults to DES3-CBC-SHA1.
−k file, −−key-file=file
the name of the master key file.
−−convert-file
don’t ask for a new master key, just read an old master key file, and write it back in the new keyfile format.
−−random-key
generate a random master key.
−−master-key-fd=fd
filedescriptor to read passphrase from, if not specified the passphrase will be read from the terminal.
FILES
/var/heimdal/m-key is the default keyfile if no other keyfile is specified. The format of a Heimdal master key is the same as a keytab, so ktutil list can be used to list the content of the file.
SEE ALSO
kdc(8) HEIMDAL April 10, 2007 KSTASH(8)