2 HPROP(8) UNIX System Manager's Manual HPROP(8)
5 h
\bhp
\bpr
\bro
\bop
\bp - propagate the KDC database
7 S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
8 h
\bhp
\bpr
\bro
\bop
\bp [-
\b-m
\bm _
\bf_
\bi_
\bl_
\be | -
\b--
\b-m
\bma
\bas
\bst
\bte
\ber
\br-
\b-k
\bke
\bey
\by=
\b=_
\bf_
\bi_
\bl_
\be] [-
\b-d
\bd _
\bf_
\bi_
\bl_
\be | -
\b--
\b-d
\bda
\bat
\bta
\bab
\bba
\bas
\bse
\be=
\b=_
\bf_
\bi_
\bl_
\be]
9 [-
\b--
\b-s
\bso
\bou
\bur
\brc
\bce
\be=
\b=_
\bh_
\be_
\bi_
\bm_
\bd_
\ba_
\bl_
\b|_
\bm_
\bi_
\bt_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bb_
\b|_
\bk_
\ba_
\bs_
\be_
\br_
\bv_
\be_
\br] [-
\b-r
\br _
\bs_
\bt_
\br_
\bi_
\bn_
\bg |
10 -
\b--
\b-v
\bv4
\b4-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg] [-
\b-c
\bc _
\bc_
\be_
\bl_
\bl | -
\b--
\b-c
\bce
\bel
\bll
\bl=
\b=_
\bc_
\be_
\bl_
\bl] [-
\b-S
\bS | -
\b--
\b-k
\bka
\bas
\bsp
\bpe
\bec
\bci
\bia
\bal
\bls
\bs] [-
\b-k
\bk _
\bk_
\be_
\by_
\bt_
\ba_
\bb
11 | -
\b--
\b-k
\bke
\bey
\byt
\bta
\bab
\bb=
\b=_
\bk_
\be_
\by_
\bt_
\ba_
\bb] [-
\b-R
\bR _
\bs_
\bt_
\br_
\bi_
\bn_
\bg | -
\b--
\b-v
\bv5
\b5-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg] [-
\b-D
\bD | -
\b--
\b-d
\bde
\bec
\bcr
\bry
\byp
\bpt
\bt] [-
\b-E
\bE |
12 -
\b--
\b-e
\ben
\bnc
\bcr
\bry
\byp
\bpt
\bt] [-
\b-n
\bn | -
\b--
\b-s
\bst
\btd
\bdo
\bou
\but
\bt] [-
\b-v
\bv | -
\b--
\b-v
\bve
\ber
\brb
\bbo
\bos
\bse
\be] [-
\b--
\b-v
\bve
\ber
\brs
\bsi
\bio
\bon
\bn] [-
\b-h
\bh | -
\b--
\b-h
\bhe
\bel
\blp
\bp]
13 [_
\bh_
\bo_
\bs_
\bt[:_
\bp_
\bo_
\br_
\bt]] _
\b._
\b._
\b.
15 D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
16 h
\bhp
\bpr
\bro
\bop
\bp takes a principal database in a specified format and converts it
17 into a stream of Heimdal database records. This stream can either be
18 written to standard out, or (more commonly) be propagated to a hpropd(8)
19 server running on a different machine.
21 If propagating, it connects to all _
\bh_
\bo_
\bs_
\bt_
\bs specified on the command by
22 opening a TCP connection to port 754 (service hprop) and sends the
23 database in encrypted form.
27 -
\b-m
\bm _
\bf_
\bi_
\bl_
\be, -
\b--
\b-m
\bma
\bas
\bst
\bte
\ber
\br-
\b-k
\bke
\bey
\by=
\b=_
\bf_
\bi_
\bl_
\be
28 Where to find the master key to encrypt or decrypt keys with.
30 -
\b-d
\bd _
\bf_
\bi_
\bl_
\be, -
\b--
\b-d
\bda
\bat
\bta
\bab
\bba
\bas
\bse
\be=
\b=_
\bf_
\bi_
\bl_
\be
31 The database to be propagated.
33 -
\b--
\b-s
\bso
\bou
\bur
\brc
\bce
\be=
\b=_
\bh_
\be_
\bi_
\bm_
\bd_
\ba_
\bl_
\b|_
\bm_
\bi_
\bt_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bb_
\b|_
\bk_
\ba_
\bs_
\be_
\br_
\bv_
\be_
\br
34 Specifies the type of the source database. Alternatives include:
36 heimdal a Heimdal database
37 mit-dump a MIT Kerberos 5 dump file
38 krb4-db a Kerberos 4 database
39 krb4-dump a Kerberos 4 dump file
40 kaserver an AFS kaserver database
42 -
\b-k
\bk _
\bk_
\be_
\by_
\bt_
\ba_
\bb, -
\b--
\b-k
\bke
\bey
\byt
\bta
\bab
\bb=
\b=_
\bk_
\be_
\by_
\bt_
\ba_
\bb
43 The keytab to use for fetching the key to be used for authenti-
44 cating to the propagation daemon(s). The key _
\bk_
\ba_
\bd_
\bm_
\bi_
\bn_
\b/_
\bh_
\bp_
\br_
\bo_
\bp is used
45 from this keytab. The default is to fetch the key from the KDC
48 -
\b-R
\bR _
\bs_
\bt_
\br_
\bi_
\bn_
\bg, -
\b--
\b-v
\bv5
\b5-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg
51 -
\b-D
\bD, -
\b--
\b-d
\bde
\bec
\bcr
\bry
\byp
\bpt
\bt
52 The encryption keys in the database can either be in clear, or
53 encrypted with a master key. This option transmits the database
54 with unencrypted keys.
56 -
\b-E
\bE, -
\b--
\b-e
\ben
\bnc
\bcr
\bry
\byp
\bpt
\bt
57 This option transmits the database with encrypted keys.
59 -
\b-n
\bn, -
\b--
\b-s
\bst
\btd
\bdo
\bou
\but
\bt
60 Dump the database on stdout, in a format that can be fed to
63 The following options are only valid if h
\bhp
\bpr
\bro
\bop
\bp is compiled with support
66 for Kerberos 4 (kaserver).
68 -
\b-r
\br _
\bs_
\bt_
\br_
\bi_
\bn_
\bg, -
\b--
\b-v
\bv4
\b4-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg
71 -
\b-c
\bc _
\bc_
\be_
\bl_
\bl, -
\b--
\b-c
\bce
\bel
\bll
\bl=
\b=_
\bc_
\be_
\bl_
\bl
72 The AFS cell name, used if reading a kaserver database.
74 -
\b-S
\bS, -
\b--
\b-k
\bka
\bas
\bsp
\bpe
\bec
\bci
\bia
\bal
\bls
\bs
75 Also dump the principals marked as special in the kaserver
78 -
\b-4
\b4, -
\b--
\b-v
\bv4
\b4-
\b-d
\bdb
\bb
79 Deprecated, identical to `--source=krb4-db'.
81 -
\b-K
\bK, -
\b--
\b-k
\bka
\ba-
\b-d
\bdb
\bb
82 Deprecated, identical to `--source=kaserver'.
84 E
\bEX
\bXA
\bAM
\bMP
\bPL
\bLE
\bES
\bS
85 The following will propagate a database to another machine (which should
88 $ hprop slave-1 slave-2
90 Copy a Kerberos 4 database to a Kerberos 5 slave:
92 $ hprop --source=krb4-db -E krb5-slave
94 Convert a Kerberos 4 dump-file for use with a Heimdal KDC:
96 $ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n
98 S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
101 HEIMDAL June 19, 2000 2