klist(1)
NAME
klist - list currently held Kerberos tickets
SYNOPSIS
/usr/bin/klist [-e] [ [-c] [-f] [-s] [ -a [-n]]
[cache_name]] [ -k [-t] [-K] [keytab_file]]
DESCRIPTION
The klist utility prints the name of the credentials cache,
the identity of the principal that the tickets are for (as
listed in the ticket file), and the principal names of all
Kerberos tickets currently held by the user, along with the
issue and expiration time for each authenticator. Principal
names are listed in the form name/instance@realm, with the
'/' omitted if the instance is not included, and the '@'
omitted if the realm is not included.
If cache_file or keytab_name is not specified, klist will
display the credentials in the default credentials cache or
keytab files as appropriate. By default, your ticket will be
stored in the file /tmp/krb5cc_uid, where uid is the current
user-ID of the user.
OPTIONS
The following options are supported:
-a Displays list of addresses in credentials. Uses the
configured nameservice to translate numeric network
addresses to the associated hostname if possible.
-c [cache_name]
Lists tickets held in a credentials cache. This is the
default if neither -c nor -k is specified.
-e Displays the encryption types of the session key and
the ticket for each credential in the credential
cache, or each key in the keytab file.
-f Shows the flags present in the credentials, using the
following abbreviations:
F Forwardable
f forwarded
P Proxiable
p proxy
D postDateable
d postdated
R Renewable
I Initial
i invalid
-k [keytab_file]
List keys held in a keytab file.
-K Displays the value of the encryption key in each key-
tab entry in the keytab file.
-n Shows numeric IP addresses instead of reverse-
resolving addresses. Only valid with -a option.
-s Causes klist to run silently (produce no output), but
to still set the exit status according to whether it
finds the credentials cache. The exit status is ` 0'
if klist finds a credentials cache, and ` 1' if it
does not.
-t Displays the time entry timestamps for each keytab
entry in the keytab file.
ENVIRONMENT VARIABLES
klist uses the following environment variable:
KRB5CCNAME
Location of the credentials (ticket) cache.
FILES
/tmp/krb5cc_uid
Default credentials cache (uid is the decimal UID of
the user).
/etc/krb5/krb5.keytab
Default location for the local host's keytab file.
/etc/krb5/krb5.conf
Default location for the local host's configuration
file. See krb5.conf(4).
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWkrbu |
|_____________________________|_____________________________|
| Interface Stability | |
|_____________________________|_____________________________|
| Command arguments | Evolving |
|_____________________________|_____________________________|
| Command output | Unstable |
|_____________________________|_____________________________|
SEE ALSO
kdestroy(1), kinit(1), krb5.conf(4), attributes(5), SEAM(5)
BUGS
When reading a file as a service key file, very little error
checking is performed.
Man(1) output converted with
man2html