进入kadmin | kadmin.local/kadmin |
创建数据库 | kdb5_util create -r JENKIN.COM -s |
启动kdc服务 | service krb5kdc start |
启动kadmin服务 | service kadmin start |
修改当前密码 | kpasswd |
测试keytab可用性 | kinit -k -t /var/kerberos/krb5kdc/keytab/root.keytab root/master1@JENKIN.COM |
查看keytab | klist -e -k -t /etc/krb5.keytab |
清除缓存 | kdestroy |
通过keytab文件认证登录 | kinit -kt /var/run/cloudera-scm-agent/process/***-HIVESERVER2/hive.keytab hive/node2 |
|
|
kadmin模式下: |
|
生成随机key的principal | addprinc -randkey root/master1@JENKIN.COM |
生成指定key的principal | Addprinc -pw **** admin/admin@JENKIN.COM |
查看principal | listprincs |
修改admin/admin的密码 | cpw -pw xxxx admin/admin |
添加/删除principle | addprinc/delprinc admin/admin |
直接生成到keytab | ktadd -k /etc/krb5.keytab host/master1@JENKIN.COM |
设置密码策略(policy) | addpol -maxlife "90 days" -minlife "75 days" -minlength 8 -minclasses 3 -maxfailure 10 -history 10 user |
添加带有密码策略的用户 | addprinc -policy user hello/admin@HADOOP.COM |
修改用户的密码策略 | modprinc -policy user1 hello/admin@HADOOP.COM |
删除密码策略 | delpol [-force] user |
修改密码策略 | modpol -maxlife "90 days" -minlife "75 days" -minlength 8 -minclasses 3 -maxfailure 10 user |
Kerberos常用命令总结
最新推荐文章于 2024-08-06 20:45:00 发布