[38903] in Kerberos
Re: Is there a "batchable" way to do ktutil list
daemon@ATHENA.MIT.EDU (Dameon Wagner)
Wed Apr 21 04:18:39 2021
Date: Wed, 21 Apr 2021 09:15:53 +0100
From: Dameon Wagner <dameon.wagner@it.ox.ac.uk>
To: <kerberos@mit.edu>
Message-ID: <20210421081553.dob4fdlajt5orf6l@maia.oucs.ox.ac.uk>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <fdbc2f7f-9311-a240-4b6a-4345c129d5c0@prime.gushi.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Wed, Apr 21 2021 at 00:56:39 -0700, Dan Mahoney (Gushi) scribbled
in "Is there a "batchable" way to do ktutil list":
> All,
>
> Dayjob has a puppet fact that, under freeBSD, uses "ktutil list" to get
> the kvno of a given host. This works great because the heimdal kerberos
> that's built into freeBSD is what we like to parse. It takes a -k
> argument to specify a keytab file.
>
> Linux is another story. Under ubuntu, the mit version of ktutil gets
> installed, and I can't figure out how to script it easily. There are no
> documented ways to pass an arg, or even to print the version. (We can
> glean it by looking at installed packages).
>
> Is there another command that is more script-friendly? If not, can
> someone share a good way to pass args to the MIT ktutil?
If you want the "true" kvno value, from a KDC, then the `kvno` tool
will return the results you want.
I you want the kvno values from within a keytab, like ktutil would
provide, then I'd look at the `k5srvutil` tool, which will take
subcommands and arguments for passing in the path to a keytab.
Cheers.
Dameon.
--
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><
Dr. Dameon Wagner, Unix Platform Services
IT Services, University of Oxford
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
