On Wed, 2013-03-13 at 12:41 +0000, Dale Macartney wrote:
> chown root:mail /etc/postfix/smtp.keytab
> chmod 644 /etc/postfix/smtp.keytab
NEVER ever use 644 on a keytab file.

A keytab is like a password, if you make it accessible to everybody on a
system you gave it up.

Sorry to be harsh  but I want to make it very clear for our uses that
keytabs are *secrets* and should *never* be made available to the whole
system, It is exactly like putting a password in the clear in a file and
making it accessible to everyone.

In your case I guess you want to use 660 or 640.


Simo Sorce * Red Hat, Inc * New York

Freeipa-users mailing list

Reply via email to