If I understand the concern, I have the same one. For user cron jobs, the
traditional approach is for the user to create a keytab. As others have noted,
the keytab is equivalent to the password. The problem for me is that a keytab
is good on all hosts. So if someone manages to become root on one
Okay.The reason I asked for the format is this : for my work, I need the
keytab file to be loaded in my application and since it has to be
protected, I was planning to encode it in, say Base64 and store it in a
secure server, and retrieve it from there and decode it and use it. But
since the keyta
Thank you for replying.
I understood that it is a symmetric key which is shared with the KDC.
So, is it in binary format or is there some other format which is used,
generally?
And what if(hypothetically) you don't have a password for some user, how is
the key generated in such a case?
Like you ha
On Wed, May 10, 2017 at 12:20:44AM +0530, Abhishek Kaushik wrote:
> Thank you for replying.
>
> I understood that it is a symmetric key which is shared with the KDC.
> So, is it in binary format or is there some other format which is used,
> generally?
The keytab file format is documented at
http
On Tue, May 09, 2017 at 01:02:08PM +0530, Abhishek Kaushik wrote:
> Hello,
>
> I am trying to understand how Kerberos works and so came across this file
> called Keytab which, I believe, is used for authentication to the KDC
> server.
>
> Just like every user and service(say Hadoop) in a kerberos
Hello,
I am trying to understand how Kerberos works and so came across this file
called Keytab which, I believe, is used for authentication to the KDC
server.
Just like every user and service(say Hadoop) in a kerberos realm has a
service principal, does every user and service have a keytab file?
