kstash(8)

reads the Kerberos master key and stores it in a file that will be used by the KDC.

Section 8 heimdal-kdc bookworm source

Description

KSTASH(8) System Manager’s Manual KSTASH(8)

NAME

kstash — store the KDC master password in a file

SYNOPSIS

kstash [

-e string |
--enctype=string ] [
-k file |
--key-file=file ] [--convert-file] [--random-key] [--master-key-fd=fd] [--random-key] [-h | --help] [--version]

DESCRIPTION

kstash reads the Kerberos master key and stores it in a file that will be used by the KDC.

Supported options:

-e string, --enctype=string

the encryption type to use, defaults to DES3-CBC-SHA1.

-k file, --key-file=file

the name of the master key file.

--convert-file

don’t ask for a new master key, just read an old master key file, and write it back in the new keyfile format.

--random-key

generate a random master key.

--master-key-fd=fd

filedescriptor to read passphrase from, if not specified the passphrase will be read from the terminal.

FILES

/var/heimdal/m-key is the default keyfile if no other keyfile is specified. The format of a Heimdal master key is the same as a keytab, so ktutil list can be used to list the content of the file.

SEE ALSO

kdc(8) HEIMDAL April 10, 2007 KSTASH(8)