1HPROP(8)                  BSD System Manager's Manual                 HPROP(8)
2

NAME

4     hprop — propagate the KDC database
5

SYNOPSIS

7     hprop [-m file | --master-key=file] [-d file | --database=file]
8           [--source=heimdal|mit-dump] [-r string | --v4-realm=string] [-c
9           cell | --cell=cell] [-k keytab | --keytab=keytab] [-R string |
10           --v5-realm=string] [-D | --decrypt] [-E | --encrypt]
11           [-n | --stdout] [-v | --verbose] [--version] [-h | --help]
12           [host[:port]] ...
13

DESCRIPTION

15     hprop takes a principal database in a specified format and converts it
16     into a stream of Heimdal database records. This stream can either be
17     written to standard out, or (more commonly) be propagated to a hpropd(8)
18     server running on a different machine.
19
20     If propagating, it connects to all hosts specified on the command by
21     opening a TCP connection to port 754 (service hprop) and sends the data‐
22     base in encrypted form.
23
24     Supported options:
25
26     -m file, --master-key=file
27             Where to find the master key to encrypt or decrypt keys with.
28
29     -d file, --database=file
30             The database to be propagated.
31
32     --source=heimdal|mit-dump|krb4-dump|kaserver
33             Specifies the type of the source database. Alternatives include:
34
35                   heimdal   a Heimdal database
36                   mit-dump  a MIT Kerberos 5 dump file
37             +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to
38             use for fetching the key to be used for authenticating to the
39             propagation daemon(s). The key hprop/hostname is used from this
40             keytab.  The default is to fetch the key from the KDC database.
41
42     -R string, --v5-realm=string
43             Local realm override.
44
45     -D, --decrypt
46             The encryption keys in the database can either be in clear, or
47             encrypted with a master key. This option transmits the database
48             with unencrypted keys.
49
50     -E, --encrypt
51             This option transmits the database with encrypted keys. This is
52             the default if no option is supplied.
53
54     -n, --stdout
55             Dump the database on stdout, in a format that can be fed to
56             hpropd.
57

EXAMPLES

59     The following will propagate a database to another machine (which should
60     run hpropd(8)):
61
62           $ hprop slave-1 slave-2
63

SEE ALSO

65     hpropd(8)
66
67HEIMDAL                        December 8, 2004                        HEIMDAL
Impressum