[36221] in Kerberos
is the master key cached somehow (slave side)?
daemon@ATHENA.MIT.EDU (Giuseppe Mazza)
Wed Jun 25 10:37:40 2014
Message-ID: <53AADEA1.7010409@imperial.ac.uk>
Date: Wed, 25 Jun 2014 15:37:21 +0100
From: Giuseppe Mazza <g.mazza@imperial.ac.uk>
MIME-Version: 1.0
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Dear All,
Do you know whether the master key is cached somehow?
I have done the thing below:
0] the main characters are
sv-u1404-02 is my kerberos master
sv-u1404 is my kerberos slave
1] on the kerberos slave:
root@sv-u1404:/etc/krb5kdc#
service krb5-admin-server stop
service krb5-kdc stop
mv stash stash.safe
2] on the kerberos master:
I have created a new principal, i.e.
kadmin: listprincs *ciao*
host/ciao.doc.ic.ac.uk@GIU.DOC.IC.AC.UK
root@sv-u1404-02:~# /usr/sbin/kprop -f ~/temp/slave_datatrans sv-u1404
Database propagation to sv-u1404: SUCCEEDED
3] back on the keberos slave:
root@sv-u1404:/etc/krb5kdc# mv stash.safe stash
(I need to do that, otherwise the daemon does not start)
root@sv-u1404:/etc/krb5kdc# service krb5-admin-server start
root@sv-u1404:/etc/krb5kdc# kadmin.local
kadmin.local: listprincs *ciao*
host/ciao.doc.ic.ac.uk@GIU.DOC.IC.AC.UK
The update of the db from my master sv-u1404-02 to my slave sv-u1404
was successful...
Is it the normal behaviour?
I thought you should have a valid stash file on place to access the
database on the slave. Maybe not?
Or there is some kind of caching?
Do you know how it works?
Thank you in advance.
All the best,
Giuseppe
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
