hprop
takes a principal database in a specified format and converts it into
a stream of Heimdal database records. This stream can either be
written to standard out, or (more commonly) be propagated to a
hpropd(8)
server running on a different machine.
If propagating, it connects to all
hosts
specified on the command by opening a TCP connection to port 754
(service hprop) and sends the database in encrypted form.
Supported options:
|
| -m file , -master-key= file
|
| |
Where to find the master key to encrypt or decrypt keys with.
|
| -d file , -database= file
|
| |
The database to be propagated.
|
| -source= heimdal|mit-dump|krb4-dump|kaserver
|
| |
Specifies the type of the source database. Alternatives include:
|
|
| heimdal
|
a Heimdal database
|
| mit-dump
|
| |
a MIT Kerberos 5 dump file
|
|
+.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab
The keytab to use for fetching the key to be used for authenticating
to the propagation daemon(s). The key
hprop/hostname
is used from this keytab. The default is to fetch the key from the
KDC database.
| -R string , -v5-realm= string
|
| |
Local realm override.
|
| -D -, -decrypt
|
| |
The encryption keys in the database can either be in clear, or
encrypted with a master key. This option transmits the database with
unencrypted keys.
|
| -E -, -encrypt
|
| |
This option transmits the database with encrypted keys.
|
| -n -, -stdout
|
| |
Dump the database on stdout, in a format that can be fed to hpropd.
|
|
