xref: /freebsd/crypto/heimdal/admin/ktutil.8 (revision 9207b4cff7b8d483f4dd3c62266c2b58819eb7f9) 
1.\" $Id: ktutil.8,v 1.12 2001/06/08 21:35:31 joda Exp $
2.\"
3.Dd December 16, 2000
4.Dt KTUTIL 8
5.Os HEIMDAL
6.Sh NAME
7.Nm ktutil
8.Nd manage Kerberos keytabs
9.Sh SYNOPSIS
10.Nm
11.Oo Fl k Ar keytab \*(Ba Xo
12.Fl -keytab= Ns Ar keytab
13.Xc
14.Oc
15.Op Fl v | Fl -verbose
16.Op Fl -version
17.Op Fl h | Fl -help
18.Ar command
19.Op Ar args
20.Sh DESCRIPTION
21.Nm
22is a program for managing keytabs.
23.Ar command
24can be one of the following:
25.Bl -tag -width Ds
26.It add Xo
27.Op Fl p Ar principal
28.Op Fl -principal= Ns Ar principal
29.Op Fl V Ar kvno
30.Op Fl -kvno= Ns Ar kvno
31.Op Fl e Ar encype
32.Op Fl -enctype= Ns Ar enctype
33.Op Fl w Ar password
34.Op Fl -password= Ns Ar password
35.Op Fl r
36.Op Fl -random
37.Op Fl s
38.Op Fl -no-salt
39.Xc
40Adds a key to the keytab. Options that are not specified will be
41prompted for.
42.It change Xo
43.Op Fl r Ar realm
44.Op Fl -realm= Ns Ar realm
45.Op Fl -a Ar host
46.Op Fl -admin-server= Ns Ar host
47.Op Fl -s Ar port
48.Op Fl -server-port= Ns Ar port
49.Xc
50Update one or several keys to new versions.  By default, use the admin
51server for the realm of an keytab entry.  Otherwise it will use the
52values specified by the options.
53.Pp
54If no principals are given, all the ones in the keytab are updated.
55.It copy Xo
56.Ar keytab-src
57.Ar keytab-dest
58.Xc
59Copies all the entries from
60.Ar keytab-src
61to
62.Ar keytab-dest .
63.It get Xo
64.Op Fl p Ar admin principal
65.Op Fl -principal= Ns Ar admin principal
66.Oo Fl e Ar enctype \*(Ba Xo
67.Fl -enctypes= Ns Ar enctype
68.Xc
69.Oc
70.Op Fl r Ar realm
71.Op Fl -realm= Ns Ar realm
72.Op Fl a Ar admin server
73.Op Fl -admin-server= Ns Ar admin server
74.Op Fl s Ar server port
75.Op Fl -server-port= Ns Ar server port
76.Ar principal
77.Xc
78Get a key for
79.Nm principal
80and store it in a keytab.
81.It list Xo
82.Op Fl -keys
83.Op Fl -timestamp
84.Xc
85List the keys stored in the keytab.
86.It remove Xo
87.Op Fl p Ar principal
88.Op Fl -principal= Ns Ar principal
89.Op Fl V kvno
90.Op Fl -kvno= Ns Ar kvno
91.Op Fl e enctype
92.Op Fl -enctype= Ns Ar enctype
93.Xc
94Removes the specified key or keys. Not specifying a
95.Ar kvno
96removes keys with any version number. Not specifying a
97.Ar enctype
98removes keys of any type.
99.It purge Xo
100.Op Fl -age= Ns Ar age
101.Xc
102Removes all old entries (for which there is a newer version) that are
103older than
104.Ar age
105(default one week).
106.It srvconvert
107.It srv2keytab Xo
108.Op Fl s Ar srvtab
109.Op Fl -srvtab= Ns Ar srvtab
110.Xc
111Converts the version 4 srvtab in
112.Ar srvtab
113to a version 5 keytab and stores it in
114.Ar keytab .
115Identical to:
116.Bd -ragged -offset indent
117.Li ktutil copy
118.Li krb4: Ns Ar srvtab
119.Ar keytab
120.Ed
121.It srvcreate
122.It key2srvtab Xo
123.Op Fl s Ar srvtab
124.Op Fl -srvtab= Ns Ar srvtab
125.Xc
126Converts the version 5 keytab in
127.Ar keytab
128to a version 4 srvtab and stores it in
129.Ar srvtab .
130Identical to:
131.Bd -ragged -offset indent
132.Li ktutil copy
133.Ar keytab
134.Li krb4: Ns Ar srvtab
135.Ed
136.El
137.Sh SEE ALSO
138.Xr kadmin 8
139