MAKE_KEYPAIR(8) UNIX Programmer's Manual MAKE_KEYPAIR(8)
S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br h
\bho
\bos
\bst
\btn
\bna
\bam
\bme
\be [
\b[ h
\bho
\bos
\bst
\btn
\bna
\bam
\bme
\be .
\b..
\b..
\b. ]
\b]
D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
The _
\bm_
\ba_
\bk_
\be__
\bk_
\be_
\by_
\bp_
\ba_
\bi_
\br command is used to create pairs of DES keys
for each host. The keys are used by priviledged programs
such as _
\br_
\be_
\bg_
\bi_
\bs_
\bt_
\be_
\br(1) to make remote updates to the Kerberos
database without having to have first acquired a Kerberos
ticket granting ticket (TGT). The keys created by
_
\bm_
\ba_
\bk_
\be__
\bk_
\be_
\by_
\bp_
\ba_
\bi_
\br are placed (by hand) in the filesystems of the
kerberos server in /etc/kerberosIV/register_keys, and in the
root directory on the clients. For example, the file
/.update.key128.32.130.3 would contain a copy of the key on
the client with IP address 128.32.130.3. These keys provide
a shared secret which may be used to establish a secure
channel between the client hosts and the Kerberos server.
/.update.keyxx.xx.xx.xx shared DES key with server
/etc/kerberosIV/register_keys server's key storage directory
S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
register(1), registerd(8), kerberos(1)