Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

kvno(1) [centos man page]

KVNO(1) 							   MIT Kerberos 							   KVNO(1)

NAME

       kvno - print key version numbers of Kerberos principals

SYNOPSIS

       kvno [-c ccache] [-e etype] [-q] [-h] [-P] [-S sname] [-U for_user] service1 service2 ...

DESCRIPTION

       kvno acquires a service ticket for the specified Kerberos principals and prints out the key version numbers of each.

OPTIONS

       -c ccache
	      Specifies the name of a credentials cache to use (if not the default)

       -e etype
	      Specifies  the enctype which will be requested for the session key of all the services named on the command line.  This is useful in
	      certain backward compatibility situations.

       -q     Suppress printing output when successful.  If a service ticket cannot be obtained, an error message will still be printed  and  kvno
	      will exit with nonzero status.

       -h     Prints a usage statement and exits.

       -P     Specifies  that  the  service1  service2 ...  arguments are to be treated as services for which credentials should be acquired using
	      constrained delegation.  This option is only valid when used in conjunction with protocol transition.

       -S sname
	      Specifies that the service1 service2 ... arguments are interpreted as hostnames, and the service principals are  to  be  constructed
	      from  those hostnames and the service name sname.  The service hostnames will be canonicalized according to the usual rules for con-
	      structing service principals.

       -U for_user
	      Specifies that protocol transition (S4U2Self) is to be used to acquire a ticket on behalf of for_user.  If constrained delegation is
	      not requested, the service name must match the credentials cache client principal.

ENVIRONMENT

       kvno uses the following environment variable:

       KRB5CCNAME
	      Location of the credentials (ticket) cache.

FILES

       FILE:/tmp/krb5cc_%{uid}
	      Default location of the credentials cache

SEE ALSO

       kinit(1), kdestroy(1)

AUTHOR

       MIT

COPYRIGHT

       1985-2013, MIT

1.11.3																	   KVNO(1)

Check Out this Related Man Page

KDESTROY(1)						      General Commands Manual						       KDESTROY(1)

NAME

       kdestroy - destroy Kerberos tickets

SYNOPSIS

       kdestroy [-5] [-4] [-q] [-c cache_name]

DESCRIPTION

       The  kdestroy  utility  destroys  the user's active Kerberos authorization tickets by writing zeros to the specified credentials cache that
       contains them.  If the credentials cache is not specified, the default credentials cache is destroyed.  If kdestroy was built with Kerberos
       4  support,  the default behavior is to destroy both Kerberos 5 and Kerberos 4 credentials.  Otherwise, kdestroy will default to destroying
       only Kerberos 5 credentials.

OPTIONS

       -5     destroy Kerberos 5 credentials.  This overrides whatever the default built-in behavior may be.  This option may be used with -4

       -4     destroy Kerberos 4 credentials.  This overrides whatever the default built-in behavior may be.  This option  is  only  available	if
	      kinit was built with Kerberos 4 compatibility.  This option may be used with -5

       -q     Run quietly.  Normally kdestroy beeps if it fails to destroy the user's tickets.	The -q flag suppresses this behavior.

       -c cache_name
	      use  cache_name as the credentials (ticket) cache name and location; if this option is not used, the default cache name and location
	      are used.

	      The default credentials cache may vary between systems.  If the KRB5CCNAME environment variable is set, its value is  used  to  name
	      the default ticket cache.

       Most  installations  recommend  that  you place the kdestroy command in your .logout file, so that your tickets are destroyed automatically
       when you log out.

ENVIRONMENT

       Kdestroy uses the following environment variables:

       KRB5CCNAME      Location of the Kerberos 5 credentials (ticket) cache.

       KRBTKFILE      Filename of the Kerberos 4 credentials (ticket) cache.

FILES

       /tmp/krb5cc_[uid]  default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user).

       /tmp/tkt[uid]  default location of Kerberos 4 credentials cache ([uid] is the decimal UID of the user).

SEE ALSO

       kinit(1), klist(1), krb5(3)

BUGS

       Only the tickets in the specified credentials cache are destroyed.  Separate ticket caches are used to  hold  root  instance  and  password
       changing tickets.  These should probably be destroyed too, or all of a user's tickets kept in a single credentials cache.

																       KDESTROY(1)
Man Page