Creating the Kerberos Keys - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

Use the ktadd command in kadmin.local to create the keytab file to contain the Teradata Vantage node keys. For example, for a Vantage node:

kadmin.local: ktadd –k /etc/principal_name.keytab TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT

Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type AES-256 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type AES-128 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type Triple DES cbc mode with HMAC/sha1 added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type ArcFour with HMAC/md5 added to keytab WRFILE:/etc/principal_name.keytab.
principal_name.esrootdom.esdev.tdat
The FQDN of a Teradata Vantage node.
principal_name must use the naming conventions in step 4 of Creating a Computer Component for Database Nodes Server.

UNIX.ESROOTDOM.ESDEV.TDAT is the Kerberos realm in which the Vantage node principals are being added.