Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.

HPROP(8)                    System Manager's Manual                   HPROP(8)

NAME
     hprop - propagate the KDC database

SYNOPSIS
     hprop [-m file | --master-key=file] [-d file | --database=file]
           [--source=heimdal|mit-dump] [-r string | --v4-realm=string]
           [-c cell | --cell=cell] [-k keytab | --keytab=keytab] [-R string |
           --v5-realm=string] [-D | --decrypt] [-E | --encrypt]
           [-n | --stdout] [-v | --verbose] [--version] [-h | --help]
           [host[:port]] ...

DESCRIPTION
     hprop takes a principal database in a specified format and converts it
     into a stream of Heimdal database records. This stream can either be
     written to standard out, or (more commonly) be propagated to a hpropd(8)
     server running on a different machine.

     If propagating, it connects to all hosts specified on the command by
     opening a TCP connection to port 754 (service hprop) and sends the
     database in encrypted form.

     Supported options:

     -m file, --master-key=file
             Where to find the master key to encrypt or decrypt keys with.

     -d file, --database=file
             The database to be propagated.

     --source=heimdal|mit-dump|krb4-dump|kaserver
             Specifies the type of the source database. Alternatives include:

                   heimdal   a Heimdal database
                   mit-dump  a MIT Kerberos 5 dump file
             +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to
             use for fetching the key to be used for authenticating to the
             propagation daemon(s). The key hprop/hostname is used from this
             keytab.  The default is to fetch the key from the KDC database.

     -R string, --v5-realm=string
             Local realm override.

     -D, --decrypt
             The encryption keys in the database can either be in clear, or
             encrypted with a master key. This option transmits the database
             with unencrypted keys.

     -E, --encrypt
             This option transmits the database with encrypted keys. This is
             the default if no option is supplied.

     -n, --stdout
             Dump the database on stdout, in a format that can be fed to
             hpropd.

EXAMPLES
     The following will propagate a database to another machine (which should
     run hpropd(8)):

           $ hprop slave-1 slave-2

SEE ALSO
     hpropd(8)

NetBSD 10.99                   December 8, 2004                   NetBSD 10.99