Provided by: heimdal-kdc_7.8.git20221117.28daf24+dfsg-5ubuntu3_amd64
NAME
hprop — propagate the KDC database
SYNOPSIS
hprop [-m file | --master-key=file] [-d file | --database=file] [--source=heimdal|mit-dump] [-r string | --v4-realm=string] [-c cell | --cell=cell] [-k keytab | --keytab=keytab] [-R string | --v5-realm=string] [-D | --decrypt] [-E | --encrypt] [-n | --stdout] [-v | --verbose] [--version] [-h | --help] [host[:port]] ...
DESCRIPTION
hprop takes a principal database in a specified format and converts it into a stream of Heimdal database records. This stream can either be written to standard out, or (more commonly) be propagated to a hpropd(8) server running on a different machine. If propagating, it connects to all hosts specified on the command by opening a TCP connection to port 754 (service hprop) and sends the database in encrypted form. Supported options: -m file, --master-key=file Where to find the master key to encrypt or decrypt keys with. -d file, --database=file The database to be propagated. --source=heimdal|mit-dump|krb4-dump|kaserver Specifies the type of the source database. Alternatives include: heimdal a Heimdal database mit-dump a MIT Kerberos 5 dump file +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to use for fetching the key to be used for authenticating to the propagation daemon(s). The key hprop/hostname is used from this keytab. The default is to fetch the key from the KDC database. -R string, --v5-realm=string Local realm override. -D, --decrypt The encryption keys in the database can either be in clear, or encrypted with a master key. This option transmits the database with unencrypted keys. -E, --encrypt This option transmits the database with encrypted keys. This is the default if no option is supplied. -n, --stdout Dump the database on stdout, in a format that can be fed to hpropd.
EXAMPLES
The following will propagate a database to another machine (which should run hpropd(8)): $ hprop slave-1 slave-2
SEE ALSO
hpropd(8)