1HPROP(8) BSD System Manager's Manual HPROP(8)
2
4 hprop — propagate the KDC database
5
7 hprop [-m file | --master-key=file] [-d file | --database=file]
8 [--source=heimdal|mit-dump] [-r string | --v4-realm=string] [-c
9 cell | --cell=cell] [-k keytab | --keytab=keytab] [-R string |
10 --v5-realm=string] [-D | --decrypt] [-E | --encrypt]
11 [-n | --stdout] [-v | --verbose] [--version] [-h | --help]
12 [host[:port]] ...
13
15 hprop takes a principal database in a specified format and converts it
16 into a stream of Heimdal database records. This stream can either be
17 written to standard out, or (more commonly) be propagated to a hpropd(8)
18 server running on a different machine.
19
20 If propagating, it connects to all hosts specified on the command by
21 opening a TCP connection to port 754 (service hprop) and sends the data‐
22 base in encrypted form.
23
24 Supported options:
25
26 -m file, --master-key=file
27 Where to find the master key to encrypt or decrypt keys with.
28
29 -d file, --database=file
30 The database to be propagated.
31
32 --source=heimdal|mit-dump|krb4-dump|kaserver
33 Specifies the type of the source database. Alternatives include:
34
35 heimdal a Heimdal database
36 mit-dump a MIT Kerberos 5 dump file
37 +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to
38 use for fetching the key to be used for authenticating to the
39 propagation daemon(s). The key hprop/hostname is used from this
40 keytab. The default is to fetch the key from the KDC database.
41
42 -R string, --v5-realm=string
43 Local realm override.
44
45 -D, --decrypt
46 The encryption keys in the database can either be in clear, or
47 encrypted with a master key. This option transmits the database
48 with unencrypted keys.
49
50 -E, --encrypt
51 This option transmits the database with encrypted keys. This is
52 the default if no option is supplied.
53
54 -n, --stdout
55 Dump the database on stdout, in a format that can be fed to
56 hpropd.
57
59 The following will propagate a database to another machine (which should
60 run hpropd(8)):
61
62 $ hprop slave-1 slave-2
63
65 hpropd(8)
66
67HEIMDAL December 8, 2004 HEIMDAL