I would say you decide it by either adding key 4 to the keytab and have for
a period two keys in the keytab for just the case you described (no
interuption of service) or you replace key 3 with key 4. In that case a
client with key 3 can't connect. Personally I would use the first option and
On Saturday, June 10, 2006 11:13:59 AM +0530 Srinivas Cheruku
[EMAIL PROTECTED] wrote:
Hi All,
I understand that we need to change Kerberos keys at regular intervals,
since it is not recommended to use the same keys for a long amount of
time. When we change keys the kvno is incremented
Hi All,
I understand that we need to change Kerberos keys at regular intervals, since
it is not recommended to use the same keys for a long amount of time.
When we change keys the kvno is incremented and the old keys are also stored in
the Kerberos user repository.
Can anyone give me a