Fariba wrote: > Is it possible to create a principal without password in kerberos? Thank > you.
You can create a principal with a random key (password) by using the -randkey option (i.e. in kadmin, 'addprinc -randkey user'). You can then extract this to a keytab, and use the keytab to authorise the user. Note also that if you create a principal & set the password, then extract this principal to a keytab using 'ktadd', the key is randomised in the process (so your previous password will no longer work). I think (not sure!) you *can* also set an empty password, if your policies are appropriate, but that would be somewhat insecure! The manpage for kadmin is helpful. Juliet -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + Ms Juliet Kemp + + Computer Manager [EMAIL PROTECTED] + + Astrophysics Group + + Imperial College Tel: +44 (0)20759 47538 + + London. SW7 2AZ Fax: +44 (0)20759 47541 + +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
