ktutil - Kerberos keytab maintenance utility




     The ktutil command is an interactive command-line  interface
     utility  for managing  the keylist in keytab files. You must
     read in a keytab's keylist  before you can manage it.  Also,
     the  user  running  the  ktutil command must have read/write
     permissions on the keytab. For example, if a keytab is owned
     by  root,  which it typically is, ktutil must be run as root
     to have the appropriate permissions.


      clear_list, clear
           Clears the current keylist.

     read_kt file,  rkt file
           Reads a keytab into  the  current  keylist.  You  must
           specify a keytab file to read.

     write_kt file,  wkt file
           Writes the current keylist to a keytab file. You  must
           specify  a  keytab  file  to write. If the keytab file
           already exists, the current keylist is appended to the
           existing keytab file.

     delete_entry number , delent number
           Deletes an entry from the current keylist. Specify the
           entry by the keylist slot number.

     list, l
           Lists the current keylist.

     list_request, lr
           Lists available requests (commands).

     quit, exit,  q
           Exits utility.


     Example 1: Deleting a principal from a file

     The following example deletes the host/denver@ACME.com prin-
     cipal  from  the  /etc/krb5/krb5.keytab file. Notice that if
     you want to delete an entry from  an  existing  keytab,  you
     must  first write the keylist to a temporary keytab and then
     overwrite the existing keytab with the the temporary keytab.
     This is because the wkt command actually appends the current
     keylist to an existing  keytab,  so  you  can't  use  it  to
     overwrite a keytab.

     example# /usr/krb5/bin/ktutil
         ktutil: rkt /etc/krb5/krb5.keytab
         ktutil: list
     slot KVNO Principal
     ---- ---- ---------------------------------------
        1    8 host/vail@ACME.COM
        2    5 host/denver@ACME.COM
         ktutil:delent 2
     slot KVNO Principal
     ---- ---- --------------------------------------
        1    8 host/vail@ACME.COM
         ktutil:wkt /tmp/krb5.keytab
     example# mv /tmp/krb5.keytab /etc/krb5/krb5.keytab


           keytab file for Kerberos clients


     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWkrbu                    |



Man(1) output converted with man2html