Changing the database master key
- From: Russ Allbery <rra@xxxxxxxxxxxx>
- Date: Thu, 31 Aug 2006 09:23:27 -0700
Hello all,
My understanding from previous discussions was that it was not possible to
change the database master key for an MIT Kerberos KDC due to various bits
that are encrypted in the master key. However, I noticed that the
kdb5_util man page seems to indicate that it can under dump:
-mkey_convert
prompts for a new master key. This new master key will
be used to re-encrypt the key data in the dumpfile. The
key data in the database will not be changed.
-new_mkey_file mkey_file
the filename of a stash file. The master key in this
stash file will be used to re-encrypt the key data in the
dumpfile. The key data in the database will not be
changed.
Those options make it sound like I could use a technique like:
1. Create a new KDC database in a new location with an AES master key.
2. Dump the old database using -new_mkey_file pointing at the new stash.
3. Load the database dump into the new empty database.
and thereby change the database master key. Is that correct? Does this
fail for some reason? Has anyone done this?
--
Russ Allbery (rra@xxxxxxxxxxxx) <http://www.eyrie.org/~eagle/>
.
- Follow-Ups:
- Re: Changing the database master key
- From: Ken Hornstein
- Re: Changing the database master key
- Prev by Date: Ticket enctype question
- Next by Date: Re: kadmin on windows
- Previous by thread: Ticket enctype question
- Next by thread: Re: Changing the database master key
- Index(es):
Relevant Pages
|
