KVNO(1) General Commands Manual KVNO(1)NAME
kvno - print key version numbers of Kerberos principals
SYNOPSIS
klist [-e etype] service1 service2 ...
DESCRIPTION
Kvno acquires a service ticket for the specified Kerberos principals and prints out the key version numbers of each.
OPTIONS -e specifies the enctype which will be requested for the session key of all the services named on the command line. This is useful in
certain backward compatibility situations.
ENVIRONMENT
Kvno uses the following environment variable:
KRB5CCNAME Location of the credentials (ticket) cache.
FILES
/tmp/krb5cc_[uid] default location of the credentials cache ([uid] is the decimal UID of the user).
SEE ALSO kinit(1), kdestroy(1), krb5(3)KVNO(1)
Check Out this Related Man Page
KVNO(1) MIT Kerberos KVNO(1)NAME
kvno - print key version numbers of Kerberos principals
SYNOPSIS
kvno [-c ccache] [-e etype] [-q] [-h] [-P] [-S sname] [-U for_user] service1 service2 ...
DESCRIPTION
kvno acquires a service ticket for the specified Kerberos principals and prints out the key version numbers of each.
OPTIONS -c ccache
Specifies the name of a credentials cache to use (if not the default)
-e etype
Specifies the enctype which will be requested for the session key of all the services named on the command line. This is useful in
certain backward compatibility situations.
-q Suppress printing output when successful. If a service ticket cannot be obtained, an error message will still be printed and kvno
will exit with nonzero status.
-h Prints a usage statement and exits.
-P Specifies that the service1 service2 ... arguments are to be treated as services for which credentials should be acquired using
constrained delegation. This option is only valid when used in conjunction with protocol transition.
-S sname
Specifies that the service1 service2 ... arguments are interpreted as hostnames, and the service principals are to be constructed
from those hostnames and the service name sname. The service hostnames will be canonicalized according to the usual rules for con-
structing service principals.
-U for_user
Specifies that protocol transition (S4U2Self) is to be used to acquire a ticket on behalf of for_user. If constrained delegation is
not requested, the service name must match the credentials cache client principal.
ENVIRONMENT
kvno uses the following environment variable:
KRB5CCNAME
Location of the credentials (ticket) cache.
FILES
FILE:/tmp/krb5cc_%{uid}
Default location of the credentials cache
SEE ALSO kinit(1), kdestroy(1)AUTHOR
MIT
COPYRIGHT
1985-2013, MIT
1.11.3KVNO(1)
Good day
I am trying to configure Kerberos and LDAP authentication on AIX 5.3 with Windows 2003 R2 but something is not quite right.
When I ran kinit username I get a ticket and I can display it using klist.
When the user login I can see the ticket request on Windows 2003, but the user... (1 Reply)
I want to disable following commands in my linux distribution (Thanks to Linux hardening guide)
# which rcp
/usr/kerberos/bin/rcp
# which rlogin
/usr/kerberos/bin/rlogin
# which rsh
/usr/kerberos/bin/rsh
When checked they were all part of krb5-workstation-1.6.1-25.el5 rpm.
# rpm -qf... (2 Replies)
@kah00na and all others,
i have done al steps of the HowTo "Authenticate AIX users from MSActive Directory", found in this forum, but it still does not work.
The test with kinit USERNAME works fine. But if i try to login i get the "UNKNOWN_USER" error in the debug.log.All steps to change... (11 Replies)
Upon opening Terminal I get the following message:
-bash: /usr/bin/manpath: No such file or directory
-bash: /usr/bin/perl: No such file or directory
-bash: grep: command not found
-bash: grep: command not found
-bash: grep: command not found
-bash: grep: command not found
I searched... (9 Replies)
The KRB5ALDAP compound load module is giving me fits. Everything looks like it should be working, but no.
Goal: Integrate AIX host with Active Directory using a KRB5ALDAP compound load module so that users can be created in AD and used in AIX, with unix attributes (registry values) being... (2 Replies)
I'm fairly new to UNIX-land, and one of my first assigned tasks was to try to set up Kerberos authentication on an unused partition. Hopefully everything makes sense, but please let me know if any clarification is needed with any of it.
AIX 7.1, and while I found various docs on the subject, a... (11 Replies)
I'm authenticating with SSSD / Kerberos against Windows Server 2012 R2. I've setup credentails delegation using these options:
Host *
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
GSSAPITrustDns yes
For both client/server but no luck. I've read online that I need to run... (2 Replies)