From 44cbe6c7d9a51d6ea5bce74f0273e2f47b58584d Mon Sep 17 00:00:00 2001 From: John Kohl Date: Fri, 14 Jun 1991 11:38:29 +0000 Subject: [PATCH] Initial revision git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2177 dc483132-0cff-0310-8789-dd5450dbe970 --- src/admin/convert/kdb5_convert.M | 110 +++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 src/admin/convert/kdb5_convert.M diff --git a/src/admin/convert/kdb5_convert.M b/src/admin/convert/kdb5_convert.M new file mode 100644 index 000000000..8bf2da7a6 --- /dev/null +++ b/src/admin/convert/kdb5_convert.M @@ -0,0 +1,110 @@ +.\" $Source$ +.\" $Author$ +.\" $Id$ +.\" Copyright 1991 by the Massachusetts Institute of Technology. +.\" +.\" Export of this software from the United States of America is assumed +.\" to require a specific license from the United States Government. +.\" It is the responsibility of any person or organization contemplating +.\" export to obtain such a license before exporting. +.\" +.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +.\" distribute this software and its documentation for any purpose and +.\" without fee is hereby granted, provided that the above copyright +.\" notice appear in all copies and that both that copyright notice and +.\" this permission notice appear in supporting documentation, and that +.\" the name of M.I.T. not be used in advertising or publicity pertaining +.\" to distribution of the software without specific, written prior +.\" permission. M.I.T. makes no representations about the suitability of +.\" this software for any purpose. It is provided "as is" without express +.\" or implied warranty. +.\" +.\" +.TH KDB5_CONVERT 8 "Kerberos Version 5.0" "MIT Project Athena" +.SH NAME +kdb5_convert \- convert a v4 Kerberos principal database to a v5 database +.SH SYNOPSIS +.B kdb5_convert +[ +.B \-r +.I realm +] [ +.B \-d +.I v5dbname +] [ +.B \-D +.I v4dbname +] [ +.B \-k +.I keytype +] [ +.B \-M +.I mkeyname +] [ +.B \-e +.I enctype +] [ +.B \-n +] +.br +.SH DESCRIPTION +.I kdb5_convert +is used to create a Kerberos version 5 principal database and fill it +with entries from a Kerberos version 4 principal database. The user is +normally prompted two passwords: the version 5 master password, which +will be used to generate an encryption key under which all entries are +stored (in order to provide some security against database theft), and +the version 4 master password, which is used to access the entries in +the version 4 database. +.PP +The +.B \-r +.I realm +option specifies the realm for which the database should be created; +by default the realm returned by +.IR krb5_default_local_realm (3) +is used. +.PP +The +.B \-d +.I v5dbname +option specifies the name under which the version 5 principal database is to be +created; by default the database is in DEFAULT_DBM_FILE (normally +/krb5/principal). +.PP +The +.B \-D +.I v4dbname +option specifies the name under which the version 4 principal database +is to be found. +.PP +The +.B \-k +.I keytype +option specifies the key type (as an ascii representation of a decimal +number) of the master key in the database; the default is KEYTYPE_DES. +.PP +The +.B \-M +.I mkeyname +option specifies the principal name for the master key in the database; +the default is KRB5_KDB_M_NAME (usually "K/M" in the KDC's realm). +.PP +The +.B \-e +.I enctype +option specifies the encryption type (as an ascii representation of a decimal +number) to be used when placing entries in +the database; the default is the default encryption type for the master +keytype. +.PP +The +.B \-n +option specifies that the master key for the v4 database should be +entered manually rather than fetched from the normal v4 master key file. +.SH SEE ALSO +krb5(3), krb5kdc(8) +.SH BUGS +Doesn't have flexibility about expiration times. Probably doesn't +handle any v4 inter-realm keys. Spits out names of all the entries it +processes. -- 2.26.2