Installing, Configuring and Administering the Kerberos Server V 2.0 on HP-UX 11i
Configuration
Create The host/<fqdn> principal And Extract Its Service Key
Chapter 582
Create The host/<fqdn> principal And Extract
Its Service Key
To allow principal database propagation, the Primary Server must have
a host/<fqdn> principal and the service key for this principal must be
extracted to that server’s service key table file.
The host/<fqdn> principal is not automatically added to the principal
database on installation of the Security Server software; it must be
manually done using either kadminl_ui or kadminl.
NOTE You need to be logged in as a root user in order to execute the tasks
mentioned above. These tasks must be performed on the Primary
Security Server.
We recommend that you create a host/<fqdn> principal and extract its
service key using ktutil. To do this, at the command prompt, type:
kadminl -R “ext host/<fqdn>”
The host/<fqdn> is added to the principal database, along with a
random key. The random key is added to the service key table. To verify
that these operations were successful, use the ktutil-l to list the
contents of the key table file. The existence of a host/entry indicates
that the principal was successfully added to the database with a random
key.