kinit(8krb)kinit(8krb)Name
kinit - Kerberos login utility
Syntax
/usr/bin/kinit [ -irv ]
Description
You use the command to log into the Kerberos authentication and authorization system. You also use the command when your original tickets
have expired. When you use the command without options, the utility prompts for a username and a Kerberos password and attempts to authen-
ticate to the local Kerberos server.
If Kerberos authenticates you correctly, retrieves your initial ticket and puts it in the ticket file specified by the KRBTKFILE environ-
ment variable. If you have not defined this variable, the ticket is stored in the file
Make sure you use the command to destroy any active tickets before ending your login session. You may want to put the command in a file so
that all tickets are destroyed automatically when you log out. Only registered Kerberos users can use the Kerberos system.
Options-i Causes to prompt you for a Kerberos instance.
-r Causes to prompt you for a Kerberos realm. This option lets you authenticate yourself with a remote Kerberos server.
-v Initiates verbose mode. This causes to print the name of the ticket file used and a status message indicating the success or fail-
ure of your login attempt.
Restrictions
Although user-level authentication is not supported, is useful for testing the installation of Kerberos functionality, by determining if a
newly installed principal can obtain a ticket-granting ticket. For example, to determine if the running on machine X can obtain its
ticket-granting ticket, you can run input the principal name, the instance, X, and the password of If succeeds, then Kerberos is correctly
installed on machine X.
The option has not been fully implemented.
Files
See Also
kdestroy(8krb), klist(8krb)kinit(8krb)
Check Out this Related Man Page
kdb_edit(8krb)kdb_edit(8krb)Name
kdb_edit - Kerberos database editing utility
Syntax
/var/dss/kerberos/bin/kdb_edit [-n]
Description
You use the command to create or change principals stored in the Kerberos database. When you invoke kdb_edit, the command prompts you for
the Kerberos database master key and verifies that the key is the same as the master key of the Kerberos database. If the -n option is
used, the key is fetched from the master key file.
Once the master key is verified, kdb_edit begins a loop that prompts you for the principal and instance name to modify. If kdb_edit does
not find an entry, you can create one. Once kdb_edit finds or creates an entry, you can set the password, expiration date, maximum ticket
lifetime, and attributes of a principal.
The kdb_edit command displays, in brackets, the default values for the expiration dates, maximum ticket lifetimes, and attributes. You can
select any default by pressing the return key. The kdb_edit command indicates that you have successfully created or changed an entry by
displaying the message, "Edit O.K."
There is no default password for a principal. However, if you enter RANDOM as the password for a principal, kdb_edit selects a random Data
Encryption Standard (DES) key for the principal.
Whenever the Kerberos database is changed by the modification time of is updated. The file indicates the age of the database.
Options-n If you specify the command with the -n option, kdb_edit fetches the key from the master key file.
Files
See Also
kdb_init(8krb), kstash(8krb), kdb_util(8krb), kdb_destroy(8krb)kdb_edit(8krb)
I am working on a hp c3700 and I can logon as root but, not as myself. I get this error. The authentication file ~/ICEauthority could not be created. I'm trying to log on to a local machine. Can anyone help? (4 Replies)
hi
I have installed a new Linux machine and having another machine having Solaris on it. i want that when i log into my solaris machine using rlogin from Linux machine then no password prompt occurs...
Thanks in advance. (4 Replies)
I have created a shell script but i wnt to translate that in c++ program as it is not working that fast.
1 strip=6 tickets
1 ticket has 27 values in that there should be exactly 15 values rest can be filled with zeroes.
1 strip has exactly 90 values.
in a column the entries should be in... (2 Replies)
Hi,
We've configured Kerberos to authenticate AIX 5.3 users with Active Directory and I now have to port an application written in C to the new security model.
Currently, our users can login as normal and running a "klist" command reveals that they have been successfully granted a ticket. ... (2 Replies)
Figured out the first half but am still having a little trouble shooting problem with the Initialization Files. I am working in bash on a remote server.
When I log on I am seeing the correct prompt but right before that I am also seeing this
the id -u integer expression expected is what... (2 Replies)
Hello,
I installed Kerberos on Red Hat. My testing tool checks for the prompt when user log-in. Unfortunately I don't have access to that testing tool so I have to fix somehow the prompt.
My testing tool expects this format:
login: XYZ
Password:
When I installed Kerberos I have this format:... (1 Reply)
Hi,
I need a solution. I am using Putty/CRT to login in a AIX server from my windows machine. When i closed my putty/CRT prompt from windows client, server session is expire.
Ex. I have run a script to take RMAN backup from PUTTY/CRT command window, After closing command window RMAN backup... (2 Replies)
Hi,
I have tried a lot online to find about this command. I coudnt find a satisfactory explanation.
I need some background on kinit command.
Can someone please explain it? (2 Replies)
Hi,
I just wonder if anyone know how to auto encode the kerberos kinit password at prompt.
kinit command is inside the one of the script called runscript.sh
so ./runscript.sh
......
kinit username
Password for username@example.com:
How do I auto input the password without need to... (5 Replies)
Hi,
I have installed 'cfg2html' on my RHEL server in order to obtain some easy access to system info. It has installed correctly and I have successfully tested and generated some report data on the server.
However my issue is that I am unable to display this info via the URL.
Any... (2 Replies)
I have implemented solaris login authenticating against an active directory server, using solaris x86 on a Dell R810 8xXeon CPUs and 262Gb RAM.
The actual OS is:
# uname -a
SunOS ms-svr012 5.10 Generic_142910-17 i86pc i386 i86pc
# cat /etc/release
Oracle Solaris 10 9/10... (2 Replies)
@kah00na and all others,
i have done al steps of the HowTo "Authenticate AIX users from MSActive Directory", found in this forum, but it still does not work.
The test with kinit USERNAME works fine. But if i try to login i get the "UNKNOWN_USER" error in the debug.log.All steps to change... (11 Replies)
I need help to put a script where it runs the svn command grep'ing for the ticket# in the comments to see if the ticket was used in the latest commit.
so on command line:
./test.sh ticket-1 ticket-2 ticket-3
It should be able to check if ticket-1 is used first and if not then check if... (2 Replies)
I'm fairly new to UNIX-land, and one of my first assigned tasks was to try to set up Kerberos authentication on an unused partition. Hopefully everything makes sense, but please let me know if any clarification is needed with any of it.
AIX 7.1, and while I found various docs on the subject, a... (11 Replies)
Hi Folks,
I am studying for my 1z0-821 exam and I would like to clarify an answer to the following question :
You have a ticket from a new user on the system, indicating that he cannot log in to his account.
The information in the ticket gives you both the username and password. The ticket... (2 Replies)