1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
KLIST(1) BSD General Commands Manual KLIST(1)
N�NA�AM�ME�E
k�kl�li�is�st�t -- list Kerberos credentials
S�SY�YN�NO�OP�PS�SI�IS�S
k�kl�li�is�st�t [-�-c�c _�c_�a_�c_�h_�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e] [-�-s�s | -�-t�t | -�--�-t�te�es�st�t] [-�-T�T | -�--�-t�to�ok�ke�en�ns�s]
[-�-5�5 | -�--�-v�v5�5] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�-l�l | -�--�-l�li�is�st�t-�-c�ca�ac�ch�he�es�s] [-�-f�f] [-�--�-v�ve�er�rs�si�io�on�n]
[-�--�-h�he�el�lp�p]
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
k�kl�li�is�st�t reads and displays the current tickets in the credential cache
(also known as the ticket file).
Options supported:
-�-c�c _�c_�a_�c_�h_�e, -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e
credential cache to list
-�-s�s, -�-t�t, -�--�-t�te�es�st�t
Test for there being an active and valid TGT for the local realm
of the user in the credential cache.
-�-T�T, -�--�-t�to�ok�ke�en�ns�s
display AFS tokens
-�-5�5, -�--�-v�v5�5
display v5 cred cache (this is the default)
-�-f�f Include ticket flags in short form, each character stands for a
specific flag, as follows:
F forwardable
f forwarded
P proxiable
p proxied
D postdate-able
d postdated
R renewable
I initial
i invalid
A pre-authenticated
H hardware authenticated
This information is also output with the -�--�-v�ve�er�rb�bo�os�se�e option, but in
a more verbose way.
-�-v�v, -�--�-v�ve�er�rb�bo�os�se�e
Verbose output. Include all possible information:
Server
the principal the ticket is for
Ticket etype
the encryption type used in the ticket, followed by
the key version of the ticket, if it is available
Session key
the encryption type of the session key, if it's dif-
ferent from the encryption type of the ticket
Auth time
the time the authentication exchange took place
Start time
the time that this ticket is valid from (only printed
if it's different from the auth time)
End time
when the ticket expires, if it has already expired
this is also noted
Renew till
the maximum possible end time of any ticket derived
from this one
Ticket flags
the flags set on the ticket
Addresses
the set of addresses from which this ticket is valid
-�-l�l, -�--�-l�li�is�st�t-�-c�ca�ac�ch�he�es�s
List the credential caches for the current users, not all cache
types supports listing multiple caches.
S�SE�EE�E A�AL�LS�SO�O
kdestroy(1), kinit(1)
HEIMDAL October 6, 2005 HEIMDAL
|
