1 HPROP(8) NetBSD System Manager's Manual HPROP(8)
4 h
\bhp
\bpr
\bro
\bop
\bp - propagate the KDC database
6 S
\bSY
\bYN
\bNO
\bOP
\bPS
\bSI
\bIS
\bS
7 h
\bhp
\bpr
\bro
\bop
\bp [-
\b-m
\bm _
\bf_
\bi_
\bl_
\be | -
\b--
\b-m
\bma
\bas
\bst
\bte
\ber
\br-
\b-k
\bke
\bey
\by=
\b=_
\bf_
\bi_
\bl_
\be] [-
\b-d
\bd _
\bf_
\bi_
\bl_
\be | -
\b--
\b-d
\bda
\bat
\bta
\bab
\bba
\bas
\bse
\be=
\b=_
\bf_
\bi_
\bl_
\be]
8 [-
\b--
\b-s
\bso
\bou
\bur
\brc
\bce
\be=
\b=_
\bh_
\be_
\bi_
\bm_
\bd_
\ba_
\bl_
\b|_
\bm_
\bi_
\bt_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bb_
\b|_
\bk_
\ba_
\bs_
\be_
\br_
\bv_
\be_
\br] [-
\b-r
\br _
\bs_
\bt_
\br_
\bi_
\bn_
\bg |
9 -
\b--
\b-v
\bv4
\b4-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg] [-
\b-c
\bc _
\bc_
\be_
\bl_
\bl | -
\b--
\b-c
\bce
\bel
\bll
\bl=
\b=_
\bc_
\be_
\bl_
\bl] [-
\b-S
\bS | -
\b--
\b-k
\bka
\bas
\bsp
\bpe
\bec
\bci
\bia
\bal
\bls
\bs] [-
\b-k
\bk _
\bk_
\be_
\by_
\bt_
\ba_
\bb
10 | -
\b--
\b-k
\bke
\bey
\byt
\bta
\bab
\bb=
\b=_
\bk_
\be_
\by_
\bt_
\ba_
\bb] [-
\b-R
\bR _
\bs_
\bt_
\br_
\bi_
\bn_
\bg | -
\b--
\b-v
\bv5
\b5-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg] [-
\b-D
\bD | -
\b--
\b-d
\bde
\bec
\bcr
\bry
\byp
\bpt
\bt] [-
\b-E
\bE |
11 -
\b--
\b-e
\ben
\bnc
\bcr
\bry
\byp
\bpt
\bt] [-
\b-n
\bn | -
\b--
\b-s
\bst
\btd
\bdo
\bou
\but
\bt] [-
\b-v
\bv | -
\b--
\b-v
\bve
\ber
\brb
\bbo
\bos
\bse
\be] [-
\b--
\b-v
\bve
\ber
\brs
\bsi
\bio
\bon
\bn] [-
\b-h
\bh | -
\b--
\b-h
\bhe
\bel
\blp
\bp]
12 [_
\bh_
\bo_
\bs_
\bt[:_
\bp_
\bo_
\br_
\bt]] _
\b._
\b._
\b.
14 D
\bDE
\bES
\bSC
\bCR
\bRI
\bIP
\bPT
\bTI
\bIO
\bON
\bN
15 h
\bhp
\bpr
\bro
\bop
\bp takes a principal database in a specified format and converts it
16 into a stream of Heimdal database records. This stream can either be
17 written to standard out, or (more commonly) be propagated to a hpropd(8)
18 server running on a different machine.
20 If propagating, it connects to all _
\bh_
\bo_
\bs_
\bt_
\bs specified on the command by
21 opening a TCP connection to port 754 (service hprop) and sends the
22 database in encrypted form.
26 -
\b-m
\bm _
\bf_
\bi_
\bl_
\be, -
\b--
\b-m
\bma
\bas
\bst
\bte
\ber
\br-
\b-k
\bke
\bey
\by=
\b=_
\bf_
\bi_
\bl_
\be
27 Where to find the master key to encrypt or decrypt keys with.
29 -
\b-d
\bd _
\bf_
\bi_
\bl_
\be, -
\b--
\b-d
\bda
\bat
\bta
\bab
\bba
\bas
\bse
\be=
\b=_
\bf_
\bi_
\bl_
\be
30 The database to be propagated.
32 -
\b--
\b-s
\bso
\bou
\bur
\brc
\bce
\be=
\b=_
\bh_
\be_
\bi_
\bm_
\bd_
\ba_
\bl_
\b|_
\bm_
\bi_
\bt_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bu_
\bm_
\bp_
\b|_
\bk_
\br_
\bb_
\b4_
\b-_
\bd_
\bb_
\b|_
\bk_
\ba_
\bs_
\be_
\br_
\bv_
\be_
\br
33 Specifies the type of the source database. Alternatives include:
35 heimdal a Heimdal database
36 mit-dump a MIT Kerberos 5 dump file
37 krb4-db a Kerberos 4 database
38 krb4-dump a Kerberos 4 dump file
39 kaserver an AFS kaserver database
41 -
\b-k
\bk _
\bk_
\be_
\by_
\bt_
\ba_
\bb, -
\b--
\b-k
\bke
\bey
\byt
\bta
\bab
\bb=
\b=_
\bk_
\be_
\by_
\bt_
\ba_
\bb
42 The keytab to use for fetching the key to be used for authenti-
43 cating to the propagation daemon(s). The key _
\bk_
\ba_
\bd_
\bm_
\bi_
\bn_
\b/_
\bh_
\bp_
\br_
\bo_
\bp is used
44 from this keytab. The default is to fetch the key from the KDC
47 -
\b-R
\bR _
\bs_
\bt_
\br_
\bi_
\bn_
\bg, -
\b--
\b-v
\bv5
\b5-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg
50 -
\b-D
\bD, -
\b--
\b-d
\bde
\bec
\bcr
\bry
\byp
\bpt
\bt
51 The encryption keys in the database can either be in clear, or
52 encrypted with a master key. This option transmits the database
53 with unencrypted keys.
55 -
\b-E
\bE, -
\b--
\b-e
\ben
\bnc
\bcr
\bry
\byp
\bpt
\bt
56 This option transmits the database with encrypted keys.
58 -
\b-n
\bn, -
\b--
\b-s
\bst
\btd
\bdo
\bou
\but
\bt
59 Dump the database on stdout, in a format that can be fed to
62 The following options are only valid if h
\bhp
\bpr
\bro
\bop
\bp is compiled with support
63 for Kerberos 4 (kaserver).
65 -
\b-r
\br _
\bs_
\bt_
\br_
\bi_
\bn_
\bg, -
\b--
\b-v
\bv4
\b4-
\b-r
\bre
\bea
\bal
\blm
\bm=
\b=_
\bs_
\bt_
\br_
\bi_
\bn_
\bg
68 -
\b-c
\bc _
\bc_
\be_
\bl_
\bl, -
\b--
\b-c
\bce
\bel
\bll
\bl=
\b=_
\bc_
\be_
\bl_
\bl
69 The AFS cell name, used if reading a kaserver database.
71 -
\b-S
\bS, -
\b--
\b-k
\bka
\bas
\bsp
\bpe
\bec
\bci
\bia
\bal
\bls
\bs
72 Also dump the principals marked as special in the kaserver
75 -
\b-4
\b4, -
\b--
\b-v
\bv4
\b4-
\b-d
\bdb
\bb
76 Deprecated, identical to `--source=krb4-db'.
78 -
\b-K
\bK, -
\b--
\b-k
\bka
\ba-
\b-d
\bdb
\bb
79 Deprecated, identical to `--source=kaserver'.
81 E
\bEX
\bXA
\bAM
\bMP
\bPL
\bLE
\bES
\bS
82 The following will propagate a database to another machine (which should
85 $ hprop slave-1 slave-2
87 Copy a Kerberos 4 database to a Kerberos 5 slave:
89 $ hprop --source=krb4-db -E krb5-slave
91 Convert a Kerberos 4 dump-file for use with a Heimdal KDC:
93 $ hprop -n --source=krb4-dump -d /var/kerberos/principal.dump --master-key=/.k | hpropd -n
95 S
\bSE
\bEE
\bE A
\bAL
\bLS
\bSO
\bO
98 HEIMDAL June 19, 2000 2