17.10 - Replacing Existing Kerberos Keys Versus Merging Keys - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

If you need to replace existing Kerberos keys with new keys, for example, when site security policy requires periodic key updates, you can overwrite the existing keys during installation.

  1. Install new keys for the first KDC as shown in Initial Installation of Kerberos Keys for the First KDC.
  2. The installation overwrites all key sets in the file for all nodes to which you distribute the keys.
If you have new keys for additional KDCs, install the remaining key sets as shown in Installing Kerberos Keys for Additional KDCs (Merging Keys) to merge the additional key sets with the first replacement set installed in step 1 above.