Support Questions

Find answers, ask questions, and share your expertise

[KERBEROS] KVNO is different from each other principal

avatar
Rising Star

Hai, everyone

My principal KVNO is different from each other principals like this

root@master:~# kvno  hdfs-hadoop@EXAMPLE.COM kvno nn/master.hadoop.com@EXAMPLE.COM
hdfs-hadoop@EXAMPLE.COM: kvno = 3
kvno: Server kvno@EXAMPLE.COM not found in Kerberos database while getting credentials for kvno@EXAMPLE.COM
nn/master.hadoop.com@EXAMPLE.COM: kvno = 2

Can the kvno be different from each other's principals?

1 REPLY 1

avatar
Master Collaborator

@rizalt 

Yes, the Key Version Numbers (KVNO) of different principals can indeed be different. Each principal in Kerberos can have its own KVNO, which is an identifier that increments each time the key for that principal is changed.

Reference: https://web.mit.edu/kerberos/www/krb5-latest/doc/user/user_commands/kvno.html#:~:text=specified%20Ke...

 

Regards,

Chethan YM