On Thu, 2012-04-26 at 19:58 -0700, David Copperfield wrote: > Hi, > > > Just have a silly case where I've to download the existing version > keytab for a service principal. It is download only -- not recreate a > new version and download the new version which ipa-getkeytab does. -- > ipa-getkeytab command name seems a little bit misleading because it > does both 'set' and 'get' operations.
Well, this is actually intentional. I'm curious what your reasoning is for wanting to access the original key. There really isn't any downside to just pulling a brand-new one for a host, and the upside is that you just rolled your keys, so if they happened to be compromised, you're safe now.
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users