[27169] in Kerberos
Re: "If you choose to install a stash file..."
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Thu Jan 4 16:15:46 2007
Message-Id: <200701042114.l04LEtQ4004615@ginger.cmf.nrl.navy.mil>
To: Jeff Blaine <jblaine@kickflop.net>
In-Reply-To: <459D6D2A.6080006@kickflop.net>
Date: Thu, 04 Jan 2007 16:14:56 -0500
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Cc: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>http://web.mit.edu/Kerberos/krb5-1.5/krb5-1.5.1/doc/krb5-install/Create-the-Database.html#Create%20the%20Database
>
>"If you choose to install a stash file..."
>
>What if I don't? No explanation is given as to the alternative.
Every time the KDC starts up, you have to type in the master key before
the KDC process will start up. The stash file is a stored copy of the
master key on-disk.
(The master key is used to encrypt all of the keys in the KDC database,
but doesn't actually get used for anything that appears on the wire).
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
