Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

klist(1) [osx man page]

KLIST(1)						    BSD General Commands Manual 						  KLIST(1)

NAME
klist -- list Kerberos credentials SYNOPSIS
klist [-c cache | --cache=cache] [-s | -t | --test] [-T | --tokens] [-5 | --v5] [-v | --verbose] [-l | --list-caches] [-f] [--version] [--help] DESCRIPTION
klist reads and displays the current tickets in the credential cache (also known as the ticket file). Options supported: -c cache, --cache=cache credential cache to list -s, -t, --test Test for there being an active and valid TGT for the local realm of the user in the credential cache. -T, --tokens display AFS tokens -5, --v5 display v5 cred cache (this is the default) -f Include ticket flags in short form, each character stands for a specific flag, as follows: F forwardable f forwarded P proxiable p proxied D postdate-able d postdated R renewable I initial i invalid A pre-authenticated H hardware authenticated This information is also output with the --verbose option, but in a more verbose way. -v, --verbose Verbose output. Include all possible information: Server the principal the ticket is for Ticket etype the encryption type used in the ticket, followed by the key version of the ticket, if it is available Session key the encryption type of the session key, if it's different from the encryption type of the ticket Auth time the time the authentication exchange took place Start time the time that this ticket is valid from (only printed if it's different from the auth time) End time when the ticket expires, if it has already expired this is also noted Renew till the maximum possible end time of any ticket derived from this one Ticket flags the flags set on the ticket Addresses the set of addresses from which this ticket is valid -l, --list-caches List the credential caches for the current users, not all cache types supports listing multiple caches. SEE ALSO
kdestroy(1), kinit(1) HEIMDAL
October 6, 2005 HEIMDAL

Check Out this Related Man Page

KLIST(1)						      General Commands Manual							  KLIST(1)

NAME
klist - list cached Kerberos tickets SYNOPSIS
klist [-e] [[-c] [-f] [-s] [-a [-n]]] [-k [-t] [-K]] [cache_name | keytab_name] DESCRIPTION
Klist lists the Kerberos principal and Kerberos tickets held in a credentials cache, or the keys held in a keytab file. OPTIONS
-e displays the encryption types of the session key and the ticket for each credential in the credential cache, or each key in the keytab file. -c List tickets held in a credentials cache. This is the default if neither -c nor -k is specified. -f shows the flags present in the credentials, using the following abbreviations: F Forwardable f forwarded P Proxiable p proxy D postDateable d postdated R Renewable I Initial i invalid H Hardware authenticated A preAuthenticated T Transit policy checked O Okay as delegate a anonymous -s causes klist to run silently (produce no output), but to still set the exit status according to whether it finds the credentials cache. The exit status is `0' if klist finds a credentials cache, and `1' if it does not or if the tickets are expired. -a display list of addresses in credentials. -n show numeric addresses instead of reverse-resolving addresses. -k List keys held in a keytab file. -t display the time entry timestamps for each keytab entry in the keytab file. -K display the value of the encryption key in each keytab entry in the keytab file. If cache_name or keytab_name is not specified, klist will display the credentials in the default credentials cache or keytab file as appro- priate. If the KRB5CCNAME environment variable is set, its value is used to name the default ticket cache. ENVIRONMENT
Klist uses the following environment variables: KRB5CCNAME Location of the Kerberos 5 credentials (ticket) cache. FILES
/tmp/krb5cc_[uid] default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user). /etc/krb5.keytab default location for the local host's keytab file. SEE ALSO
kinit(1), kdestroy(1), krb5(3) KLIST(1)
Man Page