Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

klist(1) [redhat man page]

KLIST(1)						      General Commands Manual							  KLIST(1)

NAME

       klist - list cached Kerberos tickets

SYNOPSIS

       klist [-5] [-4] [-e] [[-c] [-f] [-s] [-a  [-n]]] [-k [-t] [-K]] [cache_name | keytab_name]

DESCRIPTION

       Klist lists the Kerberos principal and Kerberos tickets held in a credentials cache, or the keys held in a keytab file.	If klist was built
       with Kerberos 4 support, the default behavior is to list both Kerberos 5 and Kerberos 4 credentials.   Otherwise,  klist  will  default	to
       listing only Kerberos 5 credentials.

OPTIONS

       -5     list Kerberos 5 credentials.  This overrides whatever the default built-in behavior may be.  This option may be used with -4

       -4     list  Kerberos 4 credentials.  This overrides whatever the default built-in behavior may be.  This option is only available if kinit
	      was built with Kerberos 4 compatibility.	This option may be used with -5

       -e     displays the encryption types of the session key and the ticket for each credential in the credential cache,  or	each  key  in  the
	      keytab file.

       -c     List tickets held in a credentials cache.  This is the default if neither -c nor -k is specified.

       -f     shows the flags present in the credentials, using the following abbreviations:

		   F	Forwardable
		   f	forwarded
		   P	Proxiable
		   p	proxy
		   D	postDateable
		   d	postdated
		   R	Renewable
		   I	Initial
		   i	invalid

       -s     causes  klist  to  run  silently (produce no output), but to still set the exit status according to whether it finds the credentials
	      cache.  The exit status is `0' if klist finds a credentials cache, and `1' if it does not.

       -a     display list of addresses in credentials.

       -n     show numeric addresses instead of reverse-resolving addresses.

       -k     List keys held in a keytab file.

       -t     display the time entry timestamps for each keytab entry in the keytab file.

       -K     display the value of the encryption key in each keytab entry in the keytab file.

       If cache_name or keytab_name is not specified, klist will display the credentials in the default credentials cache or keytab file as appro-
       priate.	If the KRB5CCNAME environment variable is set, its value is used to name the default ticket cache.

ENVIRONMENT

       Klist uses the following environment variables:

       KRB5CCNAME      Location of the Kerberos 5 credentials (ticket) cache.

       KRBTKFILE      Filename of the Kerberos 4 credentials (ticket) cache.

FILES

       /tmp/krb5cc_[uid]  default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user).

       /tmp/tkt[uid]  default location of Kerberos 4 credentials cache ([uid] is the decimal UID of the user).

       /etc/krb5.keytab
		      default location for the local host's keytab file.

SEE ALSO

       kinit(1), kdestroy(1), krb5(3)

																	  KLIST(1)

Check Out this Related Man Page

KLIST(1)						      General Commands Manual							  KLIST(1)

NAME

       klist - list cached Kerberos tickets

SYNOPSIS

       klist [-e] [[-c] [-f] [-s] [-a  [-n]]] [-k [-t] [-K]] [cache_name | keytab_name]

DESCRIPTION

       Klist lists the Kerberos principal and Kerberos tickets held in a credentials cache, or the keys held in a keytab file.

OPTIONS

       -e     displays	the  encryption  types	of  the session key and the ticket for each credential in the credential cache, or each key in the
	      keytab file.

       -c     List tickets held in a credentials cache.  This is the default if neither -c nor -k is specified.

       -f     shows the flags present in the credentials, using the following abbreviations:

		   F	Forwardable
		   f	forwarded
		   P	Proxiable
		   p	proxy
		   D	postDateable
		   d	postdated
		   R	Renewable
		   I	Initial
		   i	invalid
		   H	Hardware authenticated
		   A	preAuthenticated
		   T	Transit policy checked
		   O	Okay as delegate
		   a	anonymous

       -s     causes klist to run silently (produce no output), but to still set the exit status according to whether  it  finds  the  credentials
	      cache.  The exit status is `0' if klist finds a credentials cache, and `1' if it does not or if the tickets are
	       expired.

       -a     display list of addresses in credentials.

       -n     show numeric addresses instead of reverse-resolving addresses.

       -k     List keys held in a keytab file.

       -t     display the time entry timestamps for each keytab entry in the keytab file.

       -K     display the value of the encryption key in each keytab entry in the keytab file.

       If cache_name or keytab_name is not specified, klist will display the credentials in the default credentials cache or keytab file as appro-
       priate.	If the KRB5CCNAME environment variable is set, its value is used to name the default ticket cache.

ENVIRONMENT

       Klist uses the following environment variables:

       KRB5CCNAME      Location of the Kerberos 5 credentials (ticket) cache.

FILES

       /tmp/krb5cc_[uid]  default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user).

       /etc/krb5.keytab   default location for the local host's keytab file.

SEE ALSO

       kinit(1), kdestroy(1), krb5(3)

																	  KLIST(1)
Man Page