How to Rebuild the Kerberos Database

The kdestroy command destroys the user's authentication tickets, which are located in /tmp/tkt<uid>.

The kdb_destroy command destroys the kerberos authentication database, which is located in /var/kerberos/*.

This removes the following files:

• krb-srvtab: contains the keys for services on the nodes
• krb.conf: contains the SP authentication configuration
• krb.realms: specifies the translations from host names to authentication realms

This removes the .klogin file, which contains a list of principals that are authorized to invoke processes as the root user with the SP-authenticated remote commands [rsh,rcp].

This removes the Kerberos Master key cache file.

This command insures that the authentication database files are completely removed.

This command configures SP authentication services. Executing this command invokes an interactive dialog, in which various utility programs are invoked to accomplish this configuration. (Refer to Chapter 1, the "Understanding RS/6000 SP Installation" section of the IBM RISC System/6000 Scalable POWERparallel Systems Installation Guide.)

NOTE: In PSSP 2.3 and later this step will also perform the actions listed in steps 9 and 10.

This command will recycle the hardmon daemon and let it get a new hardmon ticket so it can monitor the hardware properly.

NOTE: if you are running PSSP 2.3 or later you may skip to step 11 after completing step 8.

This command will add the necessary remote command (RCMD) principals for the nodes to the Kerberos database based on what is defined in the SDR for those nodes.

1. Execute the command smitty node_data.
2. Select BOOT/INSTALL/USR SERVER INFORMATION.
3. Enter START FRAME, START SLOT, and NODE COUNT or NODE LIST.
4. Set RESPONSE FROM SERVER TO BOOTP REQUEST to "customize".
5. Verify that RUN SETUP SERVER ON THE CW is set to "yes".
6. Press Enter to execute setup_server.