MAKE_KEYPAIR(8) BSD System Manager's Manual MAKE_KEYPAIR(8)
m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br - generate Kerberos host key pair
S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br _
\bh_
\bo_
\bs_
\bt_
\bn_
\ba_
\bm_
\be [_
\bh_
\bo_
\bs_
\bt_
\bn_
\ba_
\bm_
\be _
\b._
\b._
\b.]
D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
The m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br command is used to create pairs of DES keys for each
_
\bh_
\bo_
\bs_
\bt_
\bn_
\ba_
\bm_
\be. The keys are used by privileged programs such as register(1) to
make remote updates to the Kerberos database without having to have first
acquired a Kerberos ticket granting ticket (TGT). The keys created by
m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br are placed (by hand) in the filesystems of the kerberos
server in _
\b/_
\be_
\bt_
\bc_
\b/_
\bk_
\be_
\br_
\bb_
\be_
\br_
\bo_
\bs_
\bI_
\bV_
\b/_
\br_
\be_
\bg_
\bi_
\bs_
\bt_
\be_
\br_
\b__
\bk_
\be_
\by_
\bs, and in the root directory of the
clients. For example, the file _
\b/_
\b._
\bu_
\bp_
\bd_
\ba_
\bt_
\be_
\b._
\bk_
\be_
\by_
\b1_
\b2_
\b8_
\b._
\b3_
\b2_
\b._
\b1_
\b3_
\b0_
\b._
\b3 would contain a
copy of the key of the client with IP address 128.32.130.3. These keys
provide a shared secret which may be used to establish a secure channel
between the client hosts and the Kerberos server.
/.update.keyxx.xx.xx.xx shared DES key with server
/etc/kerberosIV/register_keys server's key storage directory
S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
register(1), registerd(8), kerberos(1)
H
\bHI
\bIS
\bST
\bTO
\bOR
\bRY
\bY
The m
\bma
\bak
\bke
\be_
\b_k
\bke
\bey
\byp
\bpa
\bai
\bir
\br utility first appeared in 4.4BSD.
4.4BSD December 11, 1993 1