From b83470f88c64cff8eb936e1c108567844fd1546c Mon Sep 17 00:00:00 2001
From: Alexander W Dehnert <adehnert@mit.edu>
Date: Fri, 8 Mar 2013 21:42:01 -0500
Subject: [PATCH] clarify that ktadd/ktremove are kadmin subcommands

---
 doc/kerberized-server.mdwn | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/kerberized-server.mdwn b/doc/kerberized-server.mdwn
index bb36f93..9530759 100644
--- a/doc/kerberized-server.mdwn
+++ b/doc/kerberized-server.mdwn
@@ -44,11 +44,11 @@ To change the supported enctypes, run `kadmin`:
 
     kadmin -p daemon/kronborg.mit.edu  -k -t daemon.kronborg.keytab
 
-Then, create new keys:
+From within `kadmin`, to create new keys:
 
     ktadd -k daemon.kronborg.keytab -e aes256-cts:normal -e aes128-cts:normal daemon/kronborg.mit.edu
 
-After all tickets currently issued against your service expire (which will happen after at most one day), you should remove the old keys from your keytab:
+After all tickets currently issued against your service expire (which will happen after at most one day), you should remove the old keys from your keytab. If there are no outstanding tickets, you can do this from within `kadmin`:
 
     ktremove -k daemon.kronborg.keytab daemon/kronborg.mit.edu old
 
-- 
2.45.0