16.10 - Replacing Existing Kerberos Keys Versus Merging Keys - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

If you need to replace existing Kerberos keys with new keys, for example, when site security policy requires periodic key updates, you can overwrite the existing keys during installation.

  1. Install new keys for the first KDC as shown in Initial Installation of Kerberos Keys for the First KDC.
  2. The installation overwrites all key sets in the file for all nodes to which you distribute the keys.
If you have new keys for additional KDCs, install the remaining key sets as shown in Installing Kerberos Keys for Additional KDCs (Merging Keys) to merge the additional key sets with the first replacement set installed in step 1 above.