Hi, I understand that the keytab file contains the secret key associated with the server principal.
The question is while providing support for a service to be a kerberized service - what are the security issues/advantages by providing the option for the user to have individual keytab file (can be different from /etc/krb5.keytab and holds the key of that particular service) for the kerberized service Vs using the default keytab file (/etc/krb5.keytab). Is it necessary to have seperate keytab file for the kerberized service different from the default keytab file (/etc/krb5.keytab for linux) ? i.e does it provide any more security that already root only access /etc/krb5.keytab. Thanks, Priya ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
