ipa-rmkeytab

Section: FreeIPA Manual Pages (1)
Updated: Oct 30 2009
Index Return to Main Contents
 

NAME

ipa-rmkeytab - Remove a kerberos principal from a keytab  

SYNOPSIS

ipa-rmkeytab [ -p principal-name ] [ -k keytab-file ] [ -r realm ] [ -d ]

 

DESCRIPTION

Removes a kerberos principal from a keytab.

Kerberos keytabs are used for services (like sshd) to perform kerberos authentication. A keytab is a file with one or more secrets (or keys) for a kerberos principal.

A kerberos service principal is a kerberos identity that can be used for authentication. Service principals contain the name of the service, the hostname of the server, and the realm name.

ipa-rmkeytab provides two ways to remove principals. A specific principal can be removed or all principals for all principals for a given realm can be removed.

All encryption types and versions of a principal are removed.

The realm may be included when removing a specific principal but it is not required.

NOTE: removing a principal from the keytab does not affect the Kerberos principal stored in the IPA server. It merely removes the entry from the local keytab.  

OPTIONS

-p principal-name
The non-realm part of the full principal name.
-k keytab-file
The keytab file to append the principal(s) from.
-r realm
A realm to remove all principals for.
-d
Debug mode. Additional information is displayed.
 

EXAMPLES

Remove the NFS service principal on the host foo.example.com from /tmp/nfs.keytab.


   # ipa-rmkeytab -p nfs/foo.example.com -k /tmp/nfs.keytab

Remove the ldap service principal on the host foo.example.com from /etc/krb5.keytab.


   # ipa-rmkeytab -p ldap/foo.example.com -k /etc/krb5.keytab

Remove all principals for the realm EXAMPLE.COM.


  # ipa-rmkeytab -r EXAMPLE.COM -k /etc/krb5.keytab  

EXIT STATUS

The exit status is 0 on success, nonzero on error.

1 Kerberos initialization failed

2 Memory allocation error

3 Unable to open keytab

4 Unable to parse the principal name

5 Principal name or realm not found in keytab

6 Unable to remove principal from keytab


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
EXIT STATUS

This document was created by man2html, using the manual pages.
Time: 05:29:05 GMT, December 24, 2015