kdb_edit(8krb)kdb_edit(8krb)Namekdb_edit - Kerberos database editing utility
Syntax
/var/dss/kerberos/bin/kdb_edit [-n]
Description
You use the command to create or change principals stored in the Ker‐
beros database. When you invoke kdb_edit, the command prompts you for
the Kerberos database master key and verifies that the key is the same
as the master key of the Kerberos database. If the -n option is used,
the key is fetched from the master key file.
Once the master key is verified, kdb_edit begins a loop that prompts
you for the principal and instance name to modify. If kdb_edit does not
find an entry, you can create one. Once kdb_edit finds or creates an
entry, you can set the password, expiration date, maximum ticket life‐
time, and attributes of a principal.
The kdb_edit command displays, in brackets, the default values for the
expiration dates, maximum ticket lifetimes, and attributes. You can
select any default by pressing the return key. The kdb_edit command
indicates that you have successfully created or changed an entry by
displaying the message, "Edit O.K."
There is no default password for a principal. However, if you enter
RANDOM as the password for a principal, kdb_edit selects a random Data
Encryption Standard (DES) key for the principal.
Whenever the Kerberos database is changed by the modification time of
is updated. The file indicates the age of the database.
Options-n If you specify the command with the -n option, kdb_edit fetches
the key from the master key file.
Files
See Also
kdb_init(8krb), kstash(8krb), kdb_util(8krb),
kdb_destroy(8krb)kdb_edit(8krb)