 dbc3262a57
			
		
	
	dbc3262a57
	
	
	
		
			
			git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8021 ec53bebd-3082-4978-b11e-865c3cabbd6b
		
			
				
	
	
		
			186 lines
		
	
	
		
			3.7 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
			
		
		
	
	
			186 lines
		
	
	
		
			3.7 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
| .\" $Id$
 | |
| .\"
 | |
| .Dd May 29, 1998
 | |
| .Dt KINIT 1
 | |
| .Os HEIMDAL
 | |
| .Sh NAME
 | |
| .Nm kinit ,
 | |
| .Nm kauth
 | |
| .Nd
 | |
| acquire initial tickets
 | |
| .Sh SYNOPSIS
 | |
| .Nm kinit
 | |
| .Op Fl 4 | Fl -524init
 | |
| .Op Fl -afslog
 | |
| .Oo Fl c Ar cachename \*(Ba Xo
 | |
| .Fl -cache= Ns Ar cachename Oc
 | |
| .Xc
 | |
| .Op Fl f | Fl -forwardable
 | |
| .Oo Fl t Ar keytabname \*(Ba Xo
 | |
| .Fl -keytab= Ns Ar keytabname Oc
 | |
| .Xc
 | |
| .Oo Fl l Ar seconds \*(Ba Xo
 | |
| .Fl -lifetime= Ns Ar seconds Oc
 | |
| .Xc
 | |
| .Op Fl p | Fl -proxiable
 | |
| .Op Fl R | Fl -renew
 | |
| .Op Fl -renewable
 | |
| .Oo Fl r Ar seconds \*(Ba Xo
 | |
| .Fl -renewable-life= Ns Ar seconds Oc
 | |
| .Xc
 | |
| .Oo Fl S Ar principal \*(Ba Xo
 | |
| .Fl -server= Ns Ar principal Oc
 | |
| .Xc
 | |
| .Oo Fl s Ar seconds \*(Ba Xo
 | |
| .Fl -start-time= Ns Ar seconds Oc
 | |
| .Xc
 | |
| .Op Fl k | Fl -use-keytab
 | |
| .Op Fl v | Fl -validate
 | |
| .Oo Fl e Ar enctype \*(Ba Xo
 | |
| .Fl -enctypes= Ns Ar enctype Oc
 | |
| .Xc
 | |
| .Op Fl -fcache-version= Ns Ar integer
 | |
| .Op Fl -no-addresses
 | |
| .Op Fl -anonymous
 | |
| .Op Fl -version
 | |
| .Op Fl -help
 | |
| .Op Ar principal
 | |
| .Sh DESCRIPTION
 | |
| .Nm
 | |
| is used to authenticate to the kerberos server as
 | |
| .Ar principal ,
 | |
| or if none is given, a system generated default, and acquire a ticket
 | |
| granting ticket that can later be used to obtain tickets for other
 | |
| services.
 | |
| Supported options:
 | |
| .Bl -tag -width Ds
 | |
| .It Xo
 | |
| .Fl c Ar cachename
 | |
| .Fl -cache= Ns Ar cachename
 | |
| .Xc
 | |
| The credentials cache to put the acquired ticket in, if other than
 | |
| default.
 | |
| .It Xo
 | |
| .Fl f Ns ,
 | |
| .Fl -forwardable
 | |
| .Xc
 | |
| Get ticket that can be forwarded to another host.
 | |
| .It Xo
 | |
| .Fl t Ar keytabname Ns ,
 | |
| .Fl -keytab= Ns Ar keytabname
 | |
| .Xc
 | |
| Don't ask for a password, but instead get the key from the specified
 | |
| keytab.
 | |
| .It Xo 
 | |
| .Fl l Ar seconds Ns , 
 | |
| .Fl -lifetime= Ns Ar seconds
 | |
| .Xc
 | |
| Specifies the lifetime of the ticket.
 | |
| .It Xo
 | |
| .Fl p Ns ,
 | |
| .Fl -proxiable
 | |
| .Xc
 | |
| Request tickets with the proxiable flag set.
 | |
| .It Xo
 | |
| .Fl R Ns ,
 | |
| .Fl -renew
 | |
| .Xc
 | |
| Try to renew ticket. The ticket must have the
 | |
| .Sq renewable
 | |
| flag set, and must not be expired.
 | |
| .It Fl -renewable
 | |
| The same as
 | |
| .Fl -renewable-life ,
 | |
| with an infinite time.
 | |
| .It Xo
 | |
| .Fl r Ar seconds Ns ,
 | |
| .Fl -renewable-life= Ns Ar seconds
 | |
| .Xc
 | |
| The max renewable ticket life.
 | |
| .It Xo
 | |
| .Fl S Ar principal Ns ,
 | |
| .Fl -server= Ns Ar principal
 | |
| .Xc
 | |
| Get a ticket for a service other than krbtgt/LOCAL.REALM.
 | |
| .It Xo
 | |
| .Fl s Ar seconds Ns ,
 | |
| .Fl -start-time= Ns Ar seconds
 | |
| .Xc
 | |
| Start time of ticket, if other than the current time.
 | |
| .It Xo
 | |
| .Fl k Ns ,
 | |
| .Fl -use-keytab
 | |
| .Xc
 | |
| The same as
 | |
| .Fl -keytab ,
 | |
| but with the default keytab name (normally
 | |
| .Ar FILE:/etc/krb5.keytab ) .
 | |
| .It Xo
 | |
| .Fl v Ns ,
 | |
| .Fl -validate
 | |
| .Xc
 | |
| Try to validate an invalid ticket.
 | |
| .It Xo
 | |
| .Fl e ,
 | |
| .Fl -enctypes= Ns Ar enctypes
 | |
| .Xc
 | |
| Request tickets with this particular enctype.
 | |
| .It Xo
 | |
| .Fl -fcache-version= Ns Ar version
 | |
| .Xc
 | |
| Create a credentials cache of version
 | |
| .Nm version .
 | |
| .It Xo
 | |
| .Fl -no-addresses
 | |
| .Xc
 | |
| Request a ticket with no addresses.
 | |
| .It Xo
 | |
| .Fl -anonymous
 | |
| Request an anonymous ticket.
 | |
| .Xc
 | |
| .El
 | |
| 
 | |
| The following options are only available if
 | |
| .Nm 
 | |
| has been compiled with support for Kerberos 4. The 
 | |
| .Nm kauth
 | |
| program is identical to
 | |
| .Nm kinit ,
 | |
| but has these options enabled by
 | |
| default.
 | |
| .Bl -tag -width Ds
 | |
| .It Xo
 | |
| .Fl 4 Ns ,
 | |
| .Fl -524init
 | |
| .Xc
 | |
| Try to convert the obtained krbtgt to a version 4 compatible
 | |
| ticket. It will store this ticket in the default Kerberos 4 ticket
 | |
| file.
 | |
| .It Fl -afslog
 | |
| Gets AFS tickets, converts them to version 4 format, and stores them
 | |
| in the kernel. Only useful if you have AFS.
 | |
| .El
 | |
| .Sh ENVIRONMENT
 | |
| .Bl -tag -width Ds
 | |
| .It Ev KRB5CCNAME
 | |
| Specifies the default cache file.
 | |
| .It Ev KRB5_CONFIG
 | |
| The directory where the
 | |
| .Pa krb5.conf
 | |
| can be found, default is 
 | |
| .Pa /etc .
 | |
| .It Ev KRBTKFILE
 | |
| Specifies the Kerberos 4 ticket file to store version 4 tickets in.
 | |
| .El
 | |
| .\".Sh FILES
 | |
| .\".Sh EXAMPLES
 | |
| .\".Sh DIAGNOSTICS
 | |
| .Sh SEE ALSO
 | |
| .Xr krb5.conf 5 ,
 | |
| .Xr klist 1 ,
 | |
| .Xr kdestroy 1
 | |
| .\".Sh STANDARDS
 | |
| .\".Sh HISTORY
 | |
| .\".Sh AUTHORS
 | |
| .\".Sh BUGS
 |