Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i

Administration

Manual Administration Using kadmin

Chapter 6174

The general syntax for deleting a speciﬁed principal:

command: del

For example, to delete the principal “admin”, you would do the following:

command: del

Name of Principal to delete: admin

Principal removed

You are not alerted with a conﬁrmation message on deletion of a

principal.

Extract a Principal

The ext command securely extracts a principal’s key into a local

service key table ﬁle. By default, the host/fqdn@REALM principal is

extracted into the v5srvtab ﬁle, where fqdn is the fully qualiﬁed domain

name of the host system.

If the principal does not exist in the principal database, it is added with

the name you have speciﬁed.If the service key table ﬁle does not exist, it

is created with the name you have speciﬁed.

If the principal exits, kadmin resets the key version to 1 by overwriting

the previous key and extracting the key that is created using a new

password and no salt key. To extract the key without any modiﬁcations,

use the -n option.

The general syntax for extracting a principal and a key to a local service

key table ﬁle:

command: ext

For example, to extract the principal “admin” to a local service key table

ﬁle, SrvTab, you would do the following:

command: ext

Name of Principal (host/fqdn@REALM): admin

Service Key Table File Name (/opt/krb5/v5srvtab):/opt/SrvTab

Principal modified

Key extracted

The optional parameters are:

[-n] Extracts the key for an existing principal without

changing the key or the salt type.