table of contents
other versions
- wheezy 1.10.1+dfsg-5+deb7u7
- jessie 1.12.1+dfsg-19+deb8u2
- testing 1.15-1
- unstable 1.15-1
- experimental 1.15-2
conflicting packages
KLIST(1) | General Commands Manual | KLIST(1) |
NAME¶
klist - list cached Kerberos ticketsSYNOPSIS¶
klist [-e] [[-c] [-l] [-A] [-f] [ -s] [ -a [-n]]] [ -k [-t] [-K]] [ cache_name | keytab_name]DESCRIPTION¶
Klist lists the Kerberos principal and Kerberos tickets held in a credentials cache, or the keys held in a keytab file.OPTIONS¶
- -e
- displays the encryption types of the session key and the ticket for each credential in the credential cache, or each key in the keytab file.
- -c
- List tickets held in a credentials cache. This is the default if neither -c nor -k is specified.
- -l
- If a cache collection is available, displays a table summarizing the caches present in the collection.
- -A
- If a cache collection is available, displays the contents of all of the caches in the collection.
- -f
- shows the flags present in the credentials, using the
following abbreviations:
F Forwardable f forwarded P Proxiable p proxy D post Dateable d post dated R Renewable I Initial i invalid H Hardware authenticated A pre Authenticated T Transit policy checked O Okay as delegate a anonymous
- -s
- causes klist to run silently (produce no output),
but to still set the exit status according to whether it finds the
credentials cache. The exit status is `0' if klist finds a
credentials cache, and `1' if it does not or if the tickets are
expired.
- -a
- display list of addresses in credentials.
- -n
- show numeric addresses instead of reverse-resolving addresses.
- -k
- List keys held in a keytab file.
- -t
- display the time entry timestamps for each keytab entry in the keytab file.
- -K
- display the value of the encryption key in each keytab entry in the keytab file.
- -V
- display the Kerberos version number and exit.
ENVIRONMENT¶
Klist uses the following environment variables:- KRB5CCNAME
- Location of the default Kerberos 5 credentials (ticket) cache, in the form type:residual. If no type prefix is present, the FILE type is assumed. The type of the default cache may determine the availability of a cache collection; for instance, a default cache of type DIR causes caches within the directory to be present in the collection.
FILES¶
- /tmp/krb5cc_[uid]
- default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user).
- /etc/krb5.keytab
- default location for the local host's keytab file.