xref: /freebsd/crypto/heimdal/admin/ktutil.8 (revision 5e9cd1ae3e10592ed70e7575551cba1bbab04d84) 
1.\" $Id: ktutil.8,v 1.9 2000/12/16 00:58:49 joda Exp $
2.\"
3.Dd December 16, 2000
4.Dt KTUTIL 8
5.Os HEIMDAL
6.Sh NAME
7.Nm ktutil
8.Nd
9manage Kerberos keytabs
10.Sh SYNOPSIS
11.Nm
12.Oo Fl k Ar keytab \*(Ba Xo
13.Fl -keytab= Ns Ar keytab
14.Xc
15.Oc
16.Op Fl v | Fl -verbose
17.Op Fl -version
18.Op Fl h | Fl -help
19.Ar command
20.Op Ar args
21.Sh DESCRIPTION
22.Nm
23is a program for managing keytabs.
24.Ar command
25can be one of the following:
26.Bl -tag -width Ds
27.It add Xo
28.Op Fl p Ar principal
29.Op Fl -principal= Ns Ar principal
30.Op Fl V Ar kvno
31.Op Fl -kvno= Ns Ar kvno
32.Op Fl e Ar encype
33.Op Fl -enctype= Ns Ar enctype
34.Op Fl w Ar password
35.Op Fl -password= Ns Ar password
36.Op Fl r
37.Op Fl -random
38.Op Fl s
39.Op Fl -no-salt
40.Xc
41Adds a key to the keytab. Options that are not specified will be
42prompted for.
43.It change Xo
44.Op Fl r Ar realm
45.Op Fl -realm= Ns Ar realm
46.Op Fl -a Ar host
47.Op Fl -admin-server= Ns Ar host
48.Op Fl -s Ar port
49.Op Fl -server-port= Ns Ar port
50.Xc
51Update one or several keys to new versions.  By default, use the admin
52server for the realm of an keytab entry.  Otherwise it will use the
53values specified by the options.
54.Pp
55If no principals are given, all the ones in the keytab are updated.
56.It copy Xo
57.Ar keytab-src
58.Ar keytab-dest
59.Xc
60Copies all the entries from
61.Ar keytab-src
62to
63.Ar keytab-dest .
64.It get Xo
65.Op Fl p Ar admin principal
66.Op Fl -principal= Ns Ar admin principal
67.Op Fl r Ar realm
68.Op Fl -realm= Ns Ar realm
69.Op Fl a Ar admin server
70.Op Fl -admin-server= Ns Ar admin server
71.Op Fl s Ar server port
72.Op Fl -server-port= Ns Ar server port
73.Ar principal
74.Xc
75Get a key for
76.Nm principal
77and store it in a keytab.
78.It list Xo
79.Op Fl -keys
80.Op Fl -timestamp
81.Xc
82List the keys stored in the keytab.
83.It remove Xo
84.Op Fl p Ar principal
85.Op Fl -principal= Ns Ar principal
86.Op Fl V kvno
87.Op Fl -kvno= Ns Ar kvno
88.Op Fl e enctype
89.Op Fl -enctype= Ns Ar enctype
90.Xc
91Removes the specified key or keys. Not specifying a
92.Ar kvno
93removes keys with any version number. Not specifying a
94.Ar enctype
95removes keys of any type.
96.It purge Xo
97.Op Fl -age= Ns Ar age
98.Xc
99Removes all old entries (for which there is a newer version) that are
100older than
101.Ar age
102(default one week).
103.It srvconvert
104.It srv2keytab Xo
105.Op Fl s Ar srvtab
106.Op Fl -srvtab= Ns Ar srvtab
107.Xc
108Converts the version 4 srvtab in
109.Ar srvtab
110to a version 5 keytab and stores it in
111.Ar keytab .
112Identical to:
113.Bd -ragged -offset indent
114.Li ktutil copy
115.Li krb4: Ns Ar srvtab
116.Ar keytab
117.Ed
118.It srvcreate
119.It key2srvtab Xo
120.Op Fl s Ar srvtab
121.Op Fl -srvtab= Ns Ar srvtab
122.Xc
123Converts the version 5 keytab in
124.Ar keytab
125to a version 4 srvtab and stores it in
126.Ar srvtab .
127Identical to:
128.Bd -ragged -offset indent
129.Li ktutil copy
130.Ar keytab
131.Li krb4: Ns Ar srvtab
132.Ed
133.El
134.Sh SEE ALSO
135.Xr kadmin 8
136