Filter
Top Products
2-373
Catalyst 6500 Series Switch Command Reference—Release 8.4
OL-6244-01
Chapter 2 Catalyst 6500 Series Switch and ROM Monitor Commands
set kerberos srvtab remote
set kerberos srvtab remote
To provide the switch with a copy of the SRVTAB file from the KDC that contains the secret key, use
the set kerberos srvtab remote command.
set kerberos srvtab remote {hostname | ip_address} filename
Syntax Description
Defaults This command has no default settings.
Command Types Switch command.
Command Modes Privileged.
Usage Guidelines To make it possible for remote users to authenticate to the switch using Kerberos credentials, the switch
must share a secret key with the KDC. To do this, you must give the switch a copy of the file that is stored
in the KDC, which contains the secret key. These files are called SRVTAB files.
The KDC is a Kerberos server and database program running on a network host that allocates the
Kerberos credentials to different users or network services.
The most secure method to copy SRVTAB files to the hosts in your Kerberos realm is to copy them onto
physical media and go to each host in turn and manually copy the files onto the system. To copy SRVTAB
files to the switch, which does not have a physical media drive, you must transfer them through the
network using TFTP.
Examples This example shows how to copy SRVTAB files to the switch remotely from the KDC:
Console> (enable) set kerberos srvtab remote 187.20.32.10 /users/jdoe/krb5/ninerskeytab
Console> (enable)
Related Commands clear kerberos creds
set kerberos srvtab entry
show kerberos
hostname Name of host running the KDC.
ip_address IP address of host running the KDC.
filename Name of the SRVTAB file.