incepttechnologies/verifyKeytab

## verifyKeytab
The contents of keytab file can be verified using either Unix/linux ktutil or klist commands or java ktab utility.


(1)
-bash-3.2$ ktutil
ktutil:  rkt krba01.keytab
ktutil:  list

slot KVNO Principal
---- ---- ------------------------------------------------------------------------------------------------
   1    3    HTTP/krba01.incept.lab@INCEPT.LAB
   2    3    service_krba01@INCEPT.LAB


(2)
-bash-3.2$ klist -k –t krba01.keytab

KVNO Timestamp              Principal
---- ---------------- -----------------------------------------------------------
   3 05/12/2013 15:25 HTTP/krba01.incept.lab@INCEPT.LAB
   3 05/12/2013 15:25 service_krba01@INCEPT.LAB


(3)
To get encryption type of keys
-bash-3.2$ klist -k -e –t krba01.keytab

Keytab name: FILE:krba01.keytab
KVNO Principal
---- ---------------------------------------------------------------------------------
   3 HTTP/krba01.incept.lab@INCEPT.LAB (ArcFour with HMAC/md5)
   3 service_krba01@INCEPT.LAB (ArcFour with HMAC/md5)


(4)
Alternatively you can also use Klist or Ktab utility that comes with standard java.

C:\>java sun.security.krb5.internal.tools.Klist -k -t krba01.keytab

Key tab: krba01.keytab, 2 entries found.

[1] Service principal: HTTP/krba01.incept.lab@INCEPT.LAB
         KVNO: 3
         Time stamp: Dec 05, 2013 15:25
[2] Service principal: service_krba01@INCEPT.LAB
         KVNO: 3
         Time stamp: Dec 05, 2013 15:25

C:\>java sun.security.krb5.internal.tools.Ktab -l -e -t -k krba01.keytab

Keytab name: krba01.keytab
KVNO Timestamp       Principal
---- --------------- ---------------------------------------------------------------------------
   3 12/5/13 3:25 PM HTTP/krba01.incept.lab@INCEPT.LAB (23:RC4 with HMAC)
   3 12/5/13 3:25 PM service_krba01@INCEPT.LAB (23:RC4 with HMAC)
	The contents of keytab file can be verified using either Unix/linux ktutil or klist commands or java ktab utility.


	(1)
	-bash-3.2$ ktutil
	ktutil: rkt krba01.keytab
	ktutil: list

	slot KVNO Principal
	---- ---- ------------------------------------------------------------------------------------------------
	1 3 HTTP/krba01.incept.lab@INCEPT.LAB
	2 3 service_krba01@INCEPT.LAB


	(2)
	-bash-3.2$ klist -k –t krba01.keytab

	KVNO Timestamp Principal
	---- ---------------- -----------------------------------------------------------
	3 05/12/2013 15:25 HTTP/krba01.incept.lab@INCEPT.LAB
	3 05/12/2013 15:25 service_krba01@INCEPT.LAB



	(3)
	To get encryption type of keys
	-bash-3.2$ klist -k -e –t krba01.keytab

	Keytab name: FILE:krba01.keytab
	KVNO Principal
	---- ---------------------------------------------------------------------------------
	3 HTTP/krba01.incept.lab@INCEPT.LAB (ArcFour with HMAC/md5)
	3 service_krba01@INCEPT.LAB (ArcFour with HMAC/md5)


	(4)
	Alternatively you can also use Klist or Ktab utility that comes with standard java.

	C:\>java sun.security.krb5.internal.tools.Klist -k -t krba01.keytab

	Key tab: krba01.keytab, 2 entries found.

	[1] Service principal: HTTP/krba01.incept.lab@INCEPT.LAB
	KVNO: 3
	Time stamp: Dec 05, 2013 15:25
	[2] Service principal: service_krba01@INCEPT.LAB
	KVNO: 3
	Time stamp: Dec 05, 2013 15:25

	C:\>java sun.security.krb5.internal.tools.Ktab -l -e -t -k krba01.keytab

	Keytab name: krba01.keytab
	KVNO Timestamp Principal
	---- --------------- ---------------------------------------------------------------------------
	3 12/5/13 3:25 PM HTTP/krba01.incept.lab@INCEPT.LAB (23:RC4 with HMAC)
	3 12/5/13 3:25 PM service_krba01@INCEPT.LAB (23:RC4 with HMAC)