|
|
Ubuntu: 940-2: Kerberos vulnerability
|
|
kinit(8krb) kinit(8krb) Name kinit - Kerberos login utility Syntax /usr/bin/kinit [ -irv ] Description You use the command to log into the Kerberos authentication and authorization system. You also use the command when your original tickets have expired. When you use the command without options, the utility prompts for a username and a Kerberos password and attempts to authen- ticate to the local Kerberos server. If Kerberos authenticates you correctly, retrieves your initial ticket and puts it in the ticket file specified by the KRBTKFILE environ- ment variable. If you have not defined this variable, the ticket is stored in the file Make sure you use the command to destroy any active tickets before ending your login session. You may want to put the command in a file so that all tickets are destroyed automatically when you log out. Only registered Kerberos users can use the Kerberos system. Options -i Causes to prompt you for a Kerberos instance. -r Causes to prompt you for a Kerberos realm. This option lets you authenticate yourself with a remote Kerberos server. -v Initiates verbose mode. This causes to print the name of the ticket file used and a status message indicating the success or fail- ure of your login attempt. Restrictions Although user-level authentication is not supported, is useful for testing the installation of Kerberos functionality, by determining if a newly installed principal can obtain a ticket-granting ticket. For example, to determine if the running on machine X can obtain its ticket-granting ticket, you can run input the principal name, the instance, X, and the password of If succeeds, then Kerberos is correctly installed on machine X. The option has not been fully implemented. Files See Also kdestroy(8krb), klist(8krb) kinit(8krb)
