Forum: Too Lazy BBS

kadm5.acl "e" permission

From Stefan Kania@stefan@kania-online.de to kerberos on Fri Feb 7 14:58:25 2025

From Newsgroup: comp.protocols.kerberos

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------I0ECbL55wgjx46t0MQ5DJIwq
Content-Type: multipart/mixed; boundary="------------wVzct31ivXcs8WG58zJ0q7ul";
protected-headers="v1"
From: Stefan Kania <stefan@kania-online.de>
To: kerberos@mit.edu
Message-ID: <85f142f8-99d7-4a9a-8b0a-20219525fe45@kania-online.de>
Subject: kadm5.acl "e" permission

--------------wVzct31ivXcs8WG58zJ0q7ul
Content-Type: multipart/mixed; boundary="------------gjQbQZFeKYCv7u1XQtCBRErP"

--------------gjQbQZFeKYCv7u1XQtCBRErP
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

SGVsbG8sDQoNCmluIHRoZSBrYWRtNS5hY2wgdGhlICIqIiBvciB0aGUgIngiIGdpdmVzIGFs bCBwZXJtaXNzaW9uIGJ1dCBub3QgdGhlIA0KcGVybWlzc2lvbiB0byBleHRyYWN0IHRoZSBw cmluY2lwYWwga2V5cyBmb3IgdGhpcyBpdCB0aGUgImUiIHBlcm1pc3Npb24uIA0KQ2FuIHNv bWUgcGxlYXNlIGV4cGxhaW4gdG8gbWUgaG93IGNhbiBJIGV4dHJhY3QgdGhlIHByaW5jaXBh bCBrZXkgaWYgSSANCmhhdmUgdGhlICJlIiBwZXJtaXNzaW9uLiBJIGNhbid0IGZpbmQgYW55 dGhpbmcgdGhhdCBleHBsYWluIGhvdyB0byBkbyBpdC4NCg0KVGhhbmsgeW91DQoNClN0ZWZh bg0KDQo=
--------------gjQbQZFeKYCv7u1XQtCBRErP--

--------------wVzct31ivXcs8WG58zJ0q7ul--

--------------I0ECbL55wgjx46t0MQ5DJIwq
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"

-----BEGIN PGP SIGNATURE-----

wnsEABYIACMWIQRsT9azWR5AolaZQIFS9tTdG7aKtQUCZ6YRgQUDAAAAAAAKCRBS9tTdG7aKtZ5m AP0eLTx6vH1oinRuRKwHvZpR6dtDH/0XKM6F3/pLDt0wrgEAl/qHlOM6O4rkySvGF4xj2tWyEmt0 XIJfhGFquuor9A8=
=5XLv
-----END PGP SIGNATURE-----

--------------I0ECbL55wgjx46t0MQ5DJIwq--
--- Synchronet 3.21d-Linux NewsLink 1.2

From Greg Hudson@ghudson@mit.edu to Stefan Kania on Fri Feb 7 11:07:05 2025

From Newsgroup: comp.protocols.kerberos

On 2/7/25 08:58, Stefan Kania wrote:

in the kadm5.acl the "*" or the "x" gives all permission but not the permission to extract the principal keys for this it the "e" permission.
Can some please explain to me how can I extract the principal key if I
have the "e" permission. I can't find anything that explain how to do it.

The kadmin "ktadd -norandkey" command will extract principal keys to a
keytab file without generating new keys as it normally does.

--- Synchronet 3.21d-Linux NewsLink 1.2

From Stefan Kania@stefan@kania-online.de to Greg Hudson on Fri Feb 7 19:07:15 2025

From Newsgroup: comp.protocols.kerberos

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------VS5rsezfcsDHXBlzyvZpTMxO
Content-Type: multipart/mixed; boundary="------------WJ8nM3n0sPMNTBq5oQoOjdYB";
protected-headers="v1"
From: Stefan Kania <stefan@kania-online.de>
To: Greg Hudson <ghudson@mit.edu>, kerberos@mit.edu
Message-ID: <29e78a8d-05e2-4732-8b6c-bbe611f7c5df@kania-online.de>
Subject: Re: kadm5.acl "e" permission
References: <85f142f8-99d7-4a9a-8b0a-20219525fe45@kania-online.de>
<eb065857-45f8-4c79-b7f8-131aacf9687c@mit.edu>
In-Reply-To: <eb065857-45f8-4c79-b7f8-131aacf9687c@mit.edu>

--------------WJ8nM3n0sPMNTBq5oQoOjdYB
Content-Type: multipart/mixed; boundary="------------rmltnled2IzAi7wyYB2nzfes"

--------------rmltnled2IzAi7wyYB2nzfes
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

DQoNCkFtIDA3LjAyLjI1IHVtIDE3OjA3IHNjaHJpZWIgR3JlZyBIdWRzb246DQo+IE9uIDIv Ny8yNSAwODo1OCwgU3RlZmFuIEthbmlhIHdyb3RlOg0KPj4gaW4gdGhlIGthZG01LmFjbCB0 aGUgIioiIG9yIHRoZSAieCIgZ2l2ZXMgYWxsIHBlcm1pc3Npb24gYnV0IG5vdCB0aGUgDQo+ PiBwZXJtaXNzaW9uIHRvIGV4dHJhY3QgdGhlIHByaW5jaXBhbCBrZXlzIGZvciB0aGlzIGl0 IHRoZSAiZSIgDQo+PiBwZXJtaXNzaW9uLiBDYW4gc29tZSBwbGVhc2UgZXhwbGFpbiB0byBt ZSBob3cgY2FuIEkgZXh0cmFjdCB0aGUgDQo+PiBwcmluY2lwYWwga2V5IGlmIEkgaGF2ZSB0 aGUgImUiIHBlcm1pc3Npb24uIEkgY2FuJ3QgZmluZCBhbnl0aGluZyB0aGF0IA0KPj4gZXhw bGFpbiBob3cgdG8gZG8gaXQuDQo+IA0KPiBUaGUga2FkbWluICJrdGFkZCAtbm9yYW5ka2V5 IiBjb21tYW5kIHdpbGwgZXh0cmFjdCBwcmluY2lwYWwga2V5cyB0byBhIA0KPiBrZXl0YWIg ZmlsZSB3aXRob3V0IGdlbmVyYXRpbmcgbmV3IGtleXMgYXMgaXQgbm9ybWFsbHkgZG9lcy4N Cj4gDQpUaGFuayB5b3UsIHRoYXQgd2FzIGV4YWN0bHkgd2hhdCBJIHdhcyBsb29raW5nIGZv ciA6LSkNCg0K
--------------rmltnled2IzAi7wyYB2nzfes--

--------------WJ8nM3n0sPMNTBq5oQoOjdYB--

--------------VS5rsezfcsDHXBlzyvZpTMxO
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"

-----BEGIN PGP SIGNATURE-----

wnsEABYIACMWIQRsT9azWR5AolaZQIFS9tTdG7aKtQUCZ6ZL0wUDAAAAAAAKCRBS9tTdG7aKtUmc AP944QTGObqRz/LyMjv9aH4YLiU04WPIKwA/eMJZ56WyigEAtuICBOCSBH4KTra3rNKjr+VCqhQk zWconVhjyAY0yAg=
=hSMQ
-----END PGP SIGNATURE-----

--------------VS5rsezfcsDHXBlzyvZpTMxO--
--- Synchronet 3.21d-Linux NewsLink 1.2

Who's Online
Recent Visitors
- Evander
  Sun Apr 26 17:00:12 2026
  from Usa via SSH
- Evander
  Sun Apr 26 14:05:22 2026
  from Usa via SSH
- Sykotik
  Tue Apr 14 16:22:53 2026
  from Canada via Telnet
- Morningstarr
  Sun Apr 12 15:27:15 2026
  from Concord, Nc via Telnet

System Info

Sysop:	Amessyroom
Location:	Fayetteville, NC
Users:	64
Nodes:	6 (0 / 6)
Uptime:	492944:09:23
Calls:	842
Files:	1,304
D/L today:	8 files (19,649K bytes)
Messages:	261,765

kadm5.acl "e" permission

Who's Online

Recent Visitors

System Info