To remove a specific key from a keytab file, do the following:
1. Verify that you have the necessary privilege to issue the command. You must be included in the admin.bos list on the machine on which the keytab file to be affected is located. If necessary, issue the bos lsadmin command to check the admin.bos list on the appropriate machine.
2. Remove one or more keys from the keytab file with the bos rmkey command:
$ bos rmkey -server machine -kvno version_number... [-principal name]
The -kvno version_number option is the key version number of each key to be removed for the indicated principal. Valid arguments for this option are integers in the range 1 to 255.
The -principal name option is the principal name associated with the keys to be removed from the keytab file. The default is the DFS principal name of the machine specified with -server.