On Wed, May 10, 2017 at 12:20:44AM +0530, Abhishek Kaushik wrote: > Thank you for replying. > > I understood that it is a symmetric key which is shared with the KDC. > So, is it in binary format or is there some other format which is used, > generally?
The keytab file format is documented at http://web.mit.edu/kerberos/krb5-latest/doc/formats/keytab_file_format.html > And what if(hypothetically) you don't have a password for some user, how is > the key generated in such a case? > Like you have mentioned that the services only have the raw key.. During provisioning or rekeying, the KDC generates a random key and transmits it to the client (over an encrypted connection, of course). -Ben ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
