The default, DES3-CBC-MD5, will be set as the encryption type if you do not specify any of the encryption types previously mentioned.
Specifies the encryption and checksum mechanism of the primary principal. Following are the encryption types that are supported:
Specifies the database dump text file to copy into the database.

Administering the Kerberos Server

Loading the Kerberos Database

Loading the Kerberos Database

The kdb_load utility loads the database with the principal entries from a database dump text file. This utility overrides the existing database entries with the corresponding entries present in the dump file. Principals in the existing database that are absent in the dump file are not changed or removed.

HP recommends that you run the kdb_load utility on the primary security servers only. If the propagation is configured correctly, kdb_load securely copies the database entries to each secondary security server present on your network.

The general syntax for loading the Kerberos database is as follows:

kdb_load [-f filename]

The kdb_dump utility uses the following options: -f filename

-e enctype

3DES or 5: DES-CBC-MD5 (default)

DES-MD5 or 3: DES-CBC-MD5

DES-CRC or 1: DES-CBC-CRC

NOTE

Following is an example of using kdb_load:

shell% kdb_dump -f <filename>

232

Chapter 8

Page 232
Image 232
HP UX Kerberos Data Security Software manual Loading the Kerberos Database