On 01/20/2012 06:54 PM, Will Fiveash wrote: > Does the kdb5_util stash require the admin running it know the master > key password or should it be able to extract it from the K/M princ?
By design, it's impractical to extract the master key from the K/M princ alone. kdb5_util stash can use either an existing stash file or an admin-specified password to decrypt the keys in the K/M entry. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
