17.20 - Creating the Kerberos Keys - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20
Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

Use the ktadd command in kadmin.local to create the keytab file to contain the Teradata Vantage node keys. For example, for a Vantage node:

kadmin.local: ktadd –k /etc/principal_name.keytab TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT

Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type AES-256 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type AES-128 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type Triple DES cbc mode with HMAC/sha1 added to keytab WRFILE:/etc/principal_name.keytab.
Entry for principal TERADATA/
 principal_name.esrootdom.esdev.tdat@UNIX.ESROOTDOM.ESDEV.TDAT with kvno 
2, encryption type ArcFour with HMAC/md5 added to keytab WRFILE:/etc/principal_name.keytab.
principal_name.esrootdom.esdev.tdat
The FQDN of a Teradata Vantage node.
principal_name must use the naming conventions in step 4 of Creating a Computer Component for Database Nodes Server.

UNIX.ESROOTDOM.ESDEV.TDAT is the Kerberos realm in which the Vantage node principals are being added.