[Freeipa-devel] [PATCH] 305 remove a principal from a keytab

Rob Crittenden Fri, 30 Oct 2009 13:30:15 -0700

I wasn't able to find a command-line program to remove principals from a keytab so I wrote my own. ktutil can do it but it doesn't take command-line arguments. Java ships a utility named ktab but adding a huge dependency for one app seem a bit much :-)


In any case, this program has 2 modes:

1. Given a keytab and a principal, remove all entries of that principal from the keytab. This removes all versions and encryption types.

2. Given a realm remove all principals in that realm. I cheat a little and insert an @ before the principal name because all this really does is a strstr() to see if the principal in the keytab is in the realm provided.

This utility will be added to the ipa-client-uninstall script at some point to clean up /etc/krb5.keytab.

rob

freeipa-305-keytab.patch
Description: application/mbox

smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 305 remove a principal from a keytab

Reply via email to