X-Git-Url: https://git.openafs.org/?p=openafs.git;a=blobdiff_plain;f=doc%2Fxml%2FAdminGuide%2Fauagd014.xml;h=70dbde2a9c3a700623597709052d0ea08db031b0;hp=961181a285f873becc04b67710c9134fabf19ffa;hb=2f435309c75dfd8ffe0cfb3e1a54749437cba3be;hpb=da9f42d044725ae128feffcfbeaab67b31aaab44
diff --git a/doc/xml/AdminGuide/auagd014.xml b/doc/xml/AdminGuide/auagd014.xml
index 961181a..70dbde2 100644
--- a/doc/xml/AdminGuide/auagd014.xml
+++ b/doc/xml/AdminGuide/auagd014.xml
@@ -1095,158 +1095,27 @@
Database and the KeyFile file on every server machine, so that the TGS and all server processes
again share the same key.
- Handling key emergencies requires some unusual actions. The reasons for these actions are explained in the following
- sections; the actual procedures appear in the subsequent instructions.
-
-
- Prevent Mutual Authentication
-
- It is necessary to prevent the server processes from trying to mutually authenticate with you as you deal with a key
- emergency, because they possibly cannot decrypt your token. When you do not mutually authenticate, the server processes assign
- you the identity anonymous. To prevent mutual authentication, use the unlog command to discard your tokens and include the -noauth flag on
- every command where it is available.
-
-
-
-
-
-
-
-
-
- Change Individual KeyFile Files
-
- If you use the Update Server to distribute the contents of the /usr/afs/etc directory,
- an emergency is the only time when it is appropriate to change the KeyFile file on individual
- machines instead. Updating each machine's file is necessary because mismatched keys can prevent the system control machine's
- upserver process from mutually authenticating with upclientetc processes on other server machines, in which case the upserver process refuses to distribute its KeyFile file to
- them.
-
- Even if it appears that the Update Server is working correctly, the only way to verify that is to change the key on the
- system control machine and wait the standard delay period to see if the upclientetc processes
- retrieve the key. During an emergency, it does not usually make sense to wait the standard delay period. It is more efficient
- simply to update the file on each server machine separately. Also, even if the Update Server can distribute the file
- correctly, other processes can have trouble because of mismatched keys. The following instructions add the new key file on the
- system control machine first. If the Update Server is working, then it is distributing the same change as you are making on
- each server machine individually.
-
- If your cell does not use the Update Server or you always change keys on server
- machines individually. The following instructions are also appropriate for you.
-
-
-
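Review bot: The removed "Prevent Mutual Authentication" paragraph is the only text in this part of the hunk that explains why an administrator runs unlog and adds -noauth during a key emergency: the server processes possibly cannot decrypt the token, and they then assign the identity anonymous. The hunk header shrinks the section from 158 lines to 27 and no added lines are visible in this excerpt, so please confirm that the replacement text keeps that rationale or links to where it now lives. The same applies to the removed "Change Individual KeyFile Files" explanation that mismatched keys can make the upserver process refuse to distribute its KeyFile file, which is the stated reason for updating each server machine separately. If the procedure is being retired on purpose, a short note in the retained text saying what supersedes it would help readers who arrive from older references. Separately, should any of this wording be kept, the removed fragment "If your cell does not use the Update Server or you always change keys on server machines individually. The following instructions are also appropriate for you." needs to be joined into one sentence.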