kdb5_util.man - OpenGrok cross reference for /freebsd/crypto/krb5/src/man/kdb5

Lines Matching +full:no +full:- +full:read +full:- +full:rollover
4 .nr rst2man-indent-level 0
7 \\$1 \\n[an-margin]
8 level \\n[rst2man-indent-level]
9 level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
10 -
11 \\n[rst2man-indent0]
12 \\n[rst2man-indent1]
13 \\n[rst2man-indent2]
18 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
19 . nr rst2man-indent-level +1
24 .\" indent \\n[an-margin]
25 .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
26 .nr rst2man-indent-level -1
27 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
32 kdb5_util \- Kerberos database maintenance utility
36 [\fB\-r\fP \fIrealm\fP]
37 [\fB\-d\fP \fIdbname\fP]
38 [\fB\-k\fP \fImkeytype\fP]
39 [\fB\-kv\fP \fImkeyVNO\fP]
40 [\fB\-M\fP \fImkeyname\fP]
41 [\fB\-m\fP]
42 [\fB\-sf\fP \fIstashfilename\fP]
43 [\fB\-P\fP \fIpassword\fP]
44 [\fB\-x\fP \fIdb_args\fP]
51 key stash file or perform live rollover of the master key.
60 .SH COMMAND-LINE OPTIONS
63 \fB\-r\fP \fIrealm\fP
66 \fB\-d\fP \fIdbname\fP
72 \fB\-k\fP \fImkeytype\fP
77 \fB\-kv\fP \fImkeyVNO\fP
81 \fB\-M\fP \fImkeyname\fP
86 \fB\-m\fP
87 specifies that the master database password should be read from
90 \fB\-sf\fP \fIstash_file\fP
95 \fB\-P\fP \fIpassword\fP
100 \fB\-x\fP \fIdb_args\fP
101 specifies database\-specific options.  See kadmin(1) for
108 \fBcreate\fP [\fB\-s\fP]
112 Creates a new database.  If the \fB\-s\fP option is specified, the stash
119 \fBdestroy\fP [\fB\-f\fP]
125 the \fB\-f\fP argument, does not prompt the user.
129 \fBstash\fP [\fB\-f\fP \fIkeyfile\fP]
133 Stores the master principal\(aqs keys in a stash file.  The \fB\-f\fP
139 \fBdump\fP [\fB\-b7\fP|\fB\-r13\fP|\fB\-r18\fP]
140 [\fB\-verbose\fP] [\fB\-mkey_convert\fP] [\fB\-new_mkey_file\fP
141 \fImkey_file\fP] [\fB\-rev\fP] [\fB\-recurse\fP] [\fIfilename\fP
149 "\-", the dump is sent to standard output.  Options:
152 \fB\-b7\fP
157 \fB\-r13\fP
162 \fB\-r18\fP
167 \fB\-verbose\fP
171 \fB\-mkey_convert\fP
173 re\-encrypt principal key data in the dumpfile.  The principal keys
176 \fB\-new_mkey_file\fP \fImkey_file\fP
178 will be used to re\-encrypt the key data in the dumpfile.  The key
181 \fB\-rev\fP
185 \fB\-recurse\fP
190 than the \fB\-rev\fP option will.
192 Changed in version 1.15: Release 1.15 restored the functionality of the \fB\-recurse\fP
196 Changed in version 1.5: The \fB\-recurse\fP option ceased working until release 1.15,
203 \fBload\fP [\fB\-b7\fP|\fB\-r13\fP|\fB\-r18\fP] [\fB\-hash\fP]
204 [\fB\-verbose\fP] [\fB\-update\fP] \fIfilename\fP
211 the \fB\-update\fP option is given, \fBload\fP creates a new database
214 database module, the \fB\-update\fP flag is required.
219 \fB\-b7\fP
224 \fB\-r13\fP
229 \fB\-r18\fP
234 \fB\-hash\fP
241 \fB\-verbose\fP
245 \fB\-update\fP
254 \fBark\fP [\fB\-e\fP \fIenc\fP:\fIsalt\fP,...] \fIprincipal\fP
260 preserved.  The \fB\-e\fP option specifies the list of encryption and
265 \fBadd_mkey\fP [\fB\-e\fP \fIetype\fP] [\fB\-s\fP]
270 it as active.  Existing master keys will remain.  The \fB\-e\fP option
273 values.  The \fB\-s\fP option stashes the new master key in the stash
290 created principal keys.  If no \fItime\fP argument is given, the current
311 \fBpurge_mkeys\fP [\fB\-f\fP] [\fB\-n\fP] [\fB\-v\fP]
320 \fB\-f\fP
323 \fB\-n\fP
327 \fB\-v\fP
333 \fBupdate_princ_encryption\fP [\fB\-f\fP] [\fB\-n\fP] [\fB\-v\fP]
334 [\fIprinc\-pattern\fP]
339 \fIprinc\-pattern\fP glob pattern) to re\-encrypt the key data using the
342 updated.  If the \fB\-f\fP option is not given, ask for confirmation
343 before starting to make changes.  The \fB\-v\fP option causes each
345 needed updating or not.  The \fB\-n\fP option performs a dry run, only
350 \fBtabdump\fP [\fB\-H\fP] [\fB\-c\fP] [\fB\-e\fP] [\fB\-n\fP] [\fB\-o\fP \fIoutfile\fP]
357 importing into relational databases.  The data format is tab\-separated
358 (default), or optionally comma\-separated (CSV), with a fixed number of
360 unless suppression is requested using the \fB\-H\fP option.
368 \fB\-H\fP
371 \fB\-c\fP
373 instead of the default tab\-separated (unquoted, unescaped) format
375 \fB\-e\fP
377 as "\-1".
379 \fB\-n\fP
384 \fB\-o\fP \fIoutfile\fP
425 numbers if the \fB\-n\fP option is specified, and all flag positions
426 are printed regardless of whether or not they are set.  If \fB\-n\fP
502 per\-principal ticket policy data, including maximum ticket
529 $ kdb5_util tabdump \-o keyinfo.txt keyinfo
532 K/M@EXAMPLE.COM     0       1       aes256\-cts\-hmac\-sha384\-192      normal  \-1
533 foo@EXAMPLE.COM     0       1       aes128\-cts\-hmac\-sha1\-96 normal  \-1
534 bar@EXAMPLE.COM     0       1       aes128\-cts\-hmac\-sha1\-96 normal  \-1
538 sqlite> select * from keyinfo where enctype like \(aqaes256\-%\(aq;
539 K/M@EXAMPLE.COM     1       1       aes256\-cts\-hmac\-sha384\-192      normal  \-1
541 $ awk \-F\(aq\et\(aq \(aq$4 ~ /aes256\-/ { print }\(aq keyinfo.txt
542 K/M@EXAMPLE.COM     1       1       aes256\-cts\-hmac\-sha384\-192      normal  \-1
557 1985-2024, MIT