opensolaris man page for ktutil

Opensolaris Man Pages All Man Pages Latest Topics Forum Categories

Query: ktutil

OS: opensolaris

Section: 1

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

ktutil(1)							   User Commands							 ktutil(1)


NAME

       ktutil - Kerberos keytab maintenance utility


SYNOPSIS

       /usr/bin/ktutil


DESCRIPTION

       The  ktutil command is an interactive command-line interface utility for managing  the keylist in keytab files. You must read in a keytab's
       keylist	before you can manage it. Also, the user running the ktutil command must have read/write permissions on the keytab.  For  example,
       if a keytab is owned by root, which it typically is, ktutil must be run as root to have the appropriate permissions.


COMMANDS

       clear_list	      Clears the current keylist.
       clear

       read_kt file	      Reads a keytab into the current keylist. You must specify a keytab file to read.
       rkt file

       write_kt file	      Writes  the  current  keylist  to a keytab file. You must specify a keytab file to write. If the keytab file already
       wkt file 	      exists, the current keylist is appended to the existing keytab file.

       add_entry number       Adds an entry to the current keylist. Specify the entry by the keylist slot number.
       addent number

       delete_entry number    Deletes an entry from the current keylist. Specify the entry by the keylist slot number.
       delent number

       list		      Lists the current keylist.
       l

       list_request	      Lists available requests (commands).
       lr

       quit		      Exits utility.
       exit
       q

EXAMPLES

       Example 1 Deleting a principal from a file

       The following example deletes the host/denver@ACME.com principal from the /etc/krb5/krb5.keytab file. Notice that if you want to delete	an
       entry  from an existing keytab, you must first write the keylist to a temporary keytab and then overwrite the existing keytab with the tem-
       porary keytab. This is because the wkt command actually appends the current keylist to an existing keytab, so you can't use it to overwrite
       a keytab.

	 example# /usr/krb5/bin/ktutil
	     ktutil: rkt /etc/krb5/krb5.keytab
	     ktutil: list
	 slot KVNO Principal
	 ---- ---- ---------------------------------------
	    1	 8 host/vail@ACME.COM
	    2	 5 host/denver@ACME.COM
	     ktutil:delent 2
	     ktutil:l
	 slot KVNO Principal
	 ---- ---- --------------------------------------
	    1	 8 host/vail@ACME.COM
	     ktutil:wkt /tmp/krb5.keytab
	     ktutil:q
	 example# mv /tmp/krb5.keytab /etc/krb5/krb5.keytab


FILES

       /etc/krb5/krb5.keytab	keytab file for Kerberos clients


ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWkrbu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |See below.		   |
       +-----------------------------+-----------------------------+

       The command arguments are Evolving. The command output is Unstable.


SEE ALSO

       kadmin(1M), k5srvutil(1M), attributes(5), kerberos(5)

SunOS 5.11							    16 Nov 2006 							 ktutil(1)
Related Man Pages
ktutil(1) - opensolaris
k5srvutil(1m) - opensolaris
kprop(1m) - opensolaris
ktutil(8) - netbsd
krb5_keytab_intro(3) - freebsd
Similar Topics in the Unix Linux Community
LDAP/Kerberos Issue
SuSE: krb5 (SUSE-SA:2008:016)
string manipulation
USN-719-1: pam-krb5 vulnerabilities
Problems with kerberos and forest domain