Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Administration
Extracting Service Keys
Chapter 6 151
Extracting Service Keys
Unlike users who type their passwords at a keyboard, a service principal
needs to have its secret key automatically available during
authenticaton. This is done by storing the secret key for the service
principal in a file called a service key table on the host where the service
resides.
The service key table, v5srvtab, contains service principal names and
their corresponding keys. Typically, secret keys are randomly generated
for service key table file on the host system where the service resides so
that the key can be obtained from the service key table when the service
is invoked.
You must be assigned administrative permissions to add and delete
principals to extract principal key to the service key table.
To securely extract principal keys to the service key
table
Step 1. Either log on to the host system where the service resides or telnet to the
host system.
Step 2. Launch the remote administrator, kadmin_ui, and log on using a
principal account that has the required administrative permissions.
Step 3. In the kadmin_ui window, choose the Principals tab and select the
principal’s realm.
Step 4. Find the principal using the List All or Search button.
Step 5. Select the principal name from the List of Principals and click Edit.
The Principal Information window appears.
Step 6. From the Edit menu in the Principal Information window select
Extract Service Key. The Extract Service Key to Service Key Table
window appears.
Step 7. Enter the path and file name for the service key file in the Name field. If
you change from the default name and location, other that the Security
Server’s programs, settings must be edited to indicate the new location of
the service key table file.