Scroll to navigation

HPROP(8) System Manager's Manual HPROP(8)

NAME

hprop
propagate the KDC database

SYNOPSIS

hprop [
-m file | --master-key=file
] [
-d file | --database=file
] [
--source=heimdal|mit-dump
] [
-r string | --v4-realm=string
] [
-c cell | --cell=cell
] [
-k keytab | --keytab=keytab
] [
-R string | --v5-realm=string
] [
-D | --decrypt
] [
-E | --encrypt
] [
-n | --stdout
] [
-v | --verbose
] [
--version
] [
-h | --help
] [
host[
:port
]
...

DESCRIPTION

hprop takes a principal database in a specified format and converts it into a stream of Heimdal database records. This stream can either be written to standard out, or (more commonly) be propagated to a hpropd(8) server running on a different machine.
If propagating, it connects to all hosts specified on the command by opening a TCP connection to port 754 (service hprop) and sends the database in encrypted form.
Supported options:
file, --master-key=file
Where to find the master key to encrypt or decrypt keys with.
file, --database=file
The database to be propagated.
--source=heimdal|mit-dump|krb4-dump|kaserver
Specifies the type of the source database. Alternatives include:
heimdal
a Heimdal database
mit-dump
a MIT Kerberos 5 dump file
+.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to use for fetching the key to be used for authenticating to the propagation daemon(s). The key hprop/hostname is used from this keytab. The default is to fetch the key from the KDC database.
string, - -v5-realm=string
Local realm override.
, --decrypt
The encryption keys in the database can either be in clear, or encrypted with a master key. This option transmits the database with unencrypted keys.
, --encrypt
This option transmits the database with encrypted keys.
, --stdout
Dump the database on stdout, in a format that can be fed to hpropd.

EXAMPLES

The following will propagate a database to another machine (which should run hpropd(8)): 
$ hprop slave-1 slave-2

SEE ALSO

hpropd(8)
December 8, 2004 HEIMDAL