DragonFly On-Line Manual Pages

Search: Section:  

KLIST(1)                         MIT Kerberos                         KLIST(1)


NAME

       klist - list cached Kerberos tickets


SYNOPSIS

       klist [-e] [[-c] [-l] [-A] [-f] [-s] [-a [-n]]] [-C] [-k [-i] [-t]
       [-K]] [-V] [-d] [cache_name|keytab_name]


DESCRIPTION

       klist lists the Kerberos principal and Kerberos tickets held in a
       credentials cache, or the keys held in a keytab file.


OPTIONS


       -e     Displays the encryption types of the session key and the ticket
              for each credential in the credential cache, or each key in the
              keytab file.

       -l     If a cache collection is available, displays a table summarizing
              the caches present in the collection.

       -A     If a cache collection is available, displays the contents of all
              of the caches in the collection.

       -c     List tickets held in a credentials cache. This is the default if
              neither -c nor -k is specified.

       -f     Shows the flags present in the credentials, using the following
              abbreviations:

                 F    Forwardable
                 f    forwarded
                 P    Proxiable
                 p    proxy
                 D    postDateable
                 d    postdated
                 R    Renewable
                 I    Initial
                 i    invalid
                 H    Hardware authenticated
                 A    preAuthenticated
                 T    Transit policy checked
                 O    Okay as delegate
                 a    anonymous

       -s     Causes klist to run silently (produce no output).  klist will
              exit with status 1 if the credentials cache cannot be read or is
              expired, and with status 0 otherwise.

       -a     Display list of addresses in credentials.

       -n     Show numeric addresses instead of reverse-resolving addresses.

       -C     List configuration data that has been stored in the credentials
              cache when klist encounters it.  By default, configuration data
              is not listed.

       -k     List keys held in a keytab file.

       -i     In combination with -k, defaults to using the default client
              keytab instead of the default acceptor keytab, if no name is
              given.

       -t     Display the time entry timestamps for each keytab entry in the
              keytab file.

       -K     Display the value of the encryption key in each keytab entry in
              the keytab file.

       -d     Display the authdata types (if any) for each entry.

       -V     Display the Kerberos version number and exit.

       If cache_name or keytab_name is not specified, klist will display the
       credentials in the default credentials cache or keytab file as
       appropriate.  If the KRB5CCNAME environment variable is set, its value
       is used to locate the default ticket cache.


ENVIRONMENT

       See kerberos(7) for a description of Kerberos environment variables.


FILES


       FILE:/tmp/krb5cc_%{uid}
              Default location of Kerberos 5 credentials cache

       FILE:/etc/krb5.keytab
              Default location for the local host's keytab file.


SEE ALSO

       kinit(1), kdestroy(1), kerberos(7)


AUTHOR

       MIT


COPYRIGHT

       1985-2023, MIT

1.21.2                                                                KLIST(1)

Search: Section: