keytab

The Qshell command keytab manages a key table.

Syntax

keytab add principal [-p password] [-v version] [-k keytab] Start of change[-e enctypes]End of change

keytab delete principal [-v version] [-k keytab] Start of change[-e enctypes]End of change

keytab list [principal] [-k keytab]

Default public authority: *USE

Options

Start of change-eEnd of change
Start of changeThe list of encryption types. When adding a key, if this option is not specified, the default encryption types are added: aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96. When deleting a key, if this option is not specified, all encryption types are deleted. The list of encryption types must be a single argument in the form of a blank- or comma-separated list. The valid encryption types are:
  • aes256-cts-hmac-sha1-96
  • aes128-cts-hmac-sha1-96
  • arcfour-hmac
  • des3-cbc-sha1
  • des-hmac-sha1
  • des-cbc-crc
End of change
-k
The key table name. If this option is not specified, the default key table is used.
-p
Specify the password. If this option is not specified, users are prompted to enter the password when they add an entry to the key table.
-v
The key version number. When you add a key, if this option is not specified, the next version number is assigned. When you delete a key, if this option is not specified, all keys for the principal are deleted.
principal
The principal name. When you list the key table, if this option is not specified, all principals are displayed.

Authorities

Object referred to Authority required
Each directory in the path name preceding the target keytab file to be opened *X
Parent directory of the target keytab file when add is specified, if the keytab file does not already exist *WX
Keytab file when list is specified *R
Target keytab file when add or delete is specified *RW
Each directory in the paths to the configuration files *X
Configuration files *R

Messages

  • You must specify add, delete, list, or merge.
  • command_option is not a valid command option.
  • command_option_one and command_option_two cannot be specified together.
  • option_value option is not valid for request_name request.
  • The option_name option requires a value.
  • Unable to parse principal name.
  • You must specify the principal name.
  • Unable to read password.
  • No default key table found.
  • Unable to resolve key table key_table.
  • Unable to read entry from key table key_table.
  • Unable to remove entry from key table key_table.
  • Unable to add entry to key table key_table.
  • No entries found for principal principal_name.
  • Value is not a valid number.
  • The key version must be between 1 and 255.
  • Key version key_version not found for principal principal_name.
  • Start of changeEncryption type encryption_type is not valid.End of change

For an example of how this command is used, see Managing keytab files.