2-310
Catalyst 6500 Series Switch Command Reference—Release7.6
78-15328-01
Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands
set kerberos srvtab entry
set kerberos srvtab entryTo enter the SRVTAB file directly into the switch from the command line, use the set kerberos srvtab
entry command.
set kerberos srvtab entry kerberos_principal principal_type timestamp key_version_number
key_type key_length encrypted_keytab
Syntax Description
Defaults This command has no default settings.
Command Types Switch command.
Command Modes Privileged.
Usage Guidelines To make it possible for remote users to authenticate to the switch usi ng Kerberos credentials, the switch
must share a secret key with the KDC. To do this, you must give the switch a copy of the file that is stored
in the KDC, which contains the secret key. These files are called SRVTAB files.
When you enter the SRVTAB directly into the switch, create an entry for each Kerberos principal
(service) on the switch. The entries are maintained in the SRVTAB table. The maximum table size is
20 entries.
The KDC is a Kerberos server and database program running on a network host that allocates the
Kerberos credentials to different users or network services.
The key is encrypted with the private 3DES key when you copy the configuration to a file or enter the
show config command.
kerberos_principal Service on the switch.
principal_type Version of the Kerberos SRVTAB.
timestamp Number representing the date and time the SRVTAB entry was created.
key_version_number Version of the encrypted key format.
key_type Type of encryption used.
key_length Length, in bytes, of the encryption key.
encrypted_keytab Secret key the switch shares with the KDC.