16.10 - Replacing Existing Kerberos Keys Versus Merging Keys - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

If you need to replace existing Kerberos keys with new keys, for example, when site security policy requires periodic key updates, you can overwrite the existing keys during installation.

  1. Install new keys for the first KDC as shown in Initial Installation of Kerberos Keys for the First KDC.
  2. The installation overwrites all key sets in the file for all nodes to which you distribute the keys.
If you have new keys for additional KDCs, install the remaining key sets as shown in Installing Kerberos Keys for Additional KDCs (Merging Keys) to merge the additional key sets with the first replacement set installed in step 1 above.