kdb_init(8krb)kdb_init(8krb)Namekdb_init - initialize the Kerberos master database
/var/dss/kerberos/bin/kdb_init [ realm-name ] [ database-name ]
realm-name The realm of the Kerberos database.
A database specified so that the current and files are not
The utility creates and initializes the Kerberos master database. The
utility creates the database files: and It also initializes the data‐
base by adding three database entries: the master database principal, a
Kerberos default principal, the ticket-granting service principal ( and
the password changing principal,
The master database principal is the entry to the database itself. You
cannot use or modify the database without the master database password.
The Kerberos default principal provides a template for service princi‐
The ticket-granting service, is used by Kerberos principals to obtain
tickets to communicate with other Kerberos principals. The password-
changing principal is not used.
If realm-name is omitted when you enter the command, prompts for it.
The program also prompts for the master database key. You cannot
manipulate the database without this key.
By using database-name, you can create another database to prevent the
current and files from being overwritten.
After using to set up the master database, you may want to use the
utility to hide the master database password on the database host
machine. This enables Kerberos administration programs to access and
manipulate the master database, without needing the password to be
kdb_util(8krb), kstash(8krb), kdb_edit(8krb),