On Wed, 2013-03-13 at 12:41 +0000, Dale Macartney wrote:
> chown root:mail /etc/postfix/smtp.keytab
> chmod 644 /etc/postfix/smtp.keytab
NEVER ever use 644 on a keytab file.
A keytab is like a password, if you make it accessible to everybody on a
system you gave it up.
Sorry to be harsh but I want to make it very clear for our uses that
keytabs are *secrets* and should *never* be made available to the whole
system, It is exactly like putting a password in the clear in a file and
making it accessible to everyone.
In your case I guess you want to use 660 or 640.
Simo Sorce * Red Hat, Inc * New York
Freeipa-users mailing list