>>>>> "raeburn" == Ken Raeburn <[EMAIL PROTECTED]> writes:
raeburn> Leong Tim <[EMAIL PROTECTED]> writes: >> Is there anyway to change or access your master key once you've >> forgotten it? Hypothetical question, I promise. :-) raeburn> If you put it in a "stash" file, yes, the key will still be there. If raeburn> you don't have a stash file, you need to know the password. Also, if you have the stash file and want to change the master key to something you know, it is possible to use the "-mkey_convert" flag to the "kdb5_util dump" command in order to dump out the database with all keys reencrypted in a new master key. (You'll have to stash your new master key after reloading the database.) There is a serious bug with this in the krb5-1.2.5 release, but an upcoming release will have the fix. If you're in a hurry, I can dig up the patch that fixes the bug. ---Tom ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
