On Fri, Mar 27, 2015 at 03:37:03PM -0400, Tim Sattarov wrote:
You can just spit it to stdin of ktutil
echo -e "add_entry -password -p alice@BLEEP.COM -k 1 -e aes128-cts-hmac-sha1-96\ntest\nwkt test_srv" | ktutil
or if you don't want to keep passwords in shell history, put commands to the file and then
It also has the problem that it is in the command line arguments and hence visible in the process table to any user on the system.
cat command_file | ktutil
where command file is --- add_entry -password -p alice@BLEEP.COM -k 1 -e aes128-cts-hmac-sha1-96 test wkt test_srv ---
Of course that means it is written to disk, unless you use a file on a ramdisk, which is also considered bad by sufficiently paranoid people. A file on a ramdisk is an improvement at least. -- Len Sorensen