directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Clum <joshc...@gmail.com>
Subject Manual Keytab Creation
Date Thu, 24 Apr 2014 13:27:53 GMT
I was wondering if there was a way to generate my own keytab in java
without going to the kdc? I found code similar to this in an ApachDS test:

        Keytab keytab = Keytab.getInstance();
        KerberosTime timeStamp = new
KerberosTime(KerberosUtils.UTC_DATE_FORMAT.parse("20070217235745Z"));

        Map<EncryptionType, EncryptionKey> keys = KerberosKeyFactory
            .getKerberosKeys(principalName, userPassword);



        KeytabEntry keytabEntry = new KeytabEntry(
            principalName,
            1L,
            timeStamp,
            (byte) 0,
            keys.get(EncryptionType.DES_CBC_MD5));

        List<KeytabEntry> entry = Arrays.asList(keytabEntry);

        keytab.setEntries(entry);

        keytab.write(keytabFile);

        return keytabFile;

I'm able to a klist on a keytab that i create:

Vno  Type         Principal                  Date        Aliases

  0  des-cbc-md5  ssh/localhost@EXAMPLE.COM  2007-02-17


Also, if this is not possible, is there a way to programmatically get a
keytab using ApacheDS or any other java library?

Mime
View raw message