14137ff4cSJacques Vidrine.\" $Id: kinit.1,v 1.16 2002/01/24 15:30:45 assar Exp $ 2b528cefcSMark Murray.\" 3b528cefcSMark Murray.Dd May 29, 1998 413e3f4d6SMark Murray.Dt KINIT 1 5b528cefcSMark Murray.Os HEIMDAL 6b528cefcSMark Murray.Sh NAME 74137ff4cSJacques Vidrine.Nm kinit 8b528cefcSMark Murray.Nm kauth 945524cd7SAssar Westerlund.Nd acquire initial tickets 10b528cefcSMark Murray.Sh SYNOPSIS 1113e3f4d6SMark Murray.Nm kinit 125e9cd1aeSAssar Westerlund.Op Fl 4 | Fl -524init 134137ff4cSJacques Vidrine.Op Fl 9 | Fl -524convert 14b528cefcSMark Murray.Op Fl -afslog 155e9cd1aeSAssar Westerlund.Oo Fl c Ar cachename \*(Ba Xo 16adb0ddaeSAssar Westerlund.Fl -cache= Ns Ar cachename 175e9cd1aeSAssar Westerlund.Xc 18adb0ddaeSAssar Westerlund.Oc 195e9cd1aeSAssar Westerlund.Op Fl f | Fl -forwardable 205e9cd1aeSAssar Westerlund.Oo Fl t Ar keytabname \*(Ba Xo 21adb0ddaeSAssar Westerlund.Fl -keytab= Ns Ar keytabname 225e9cd1aeSAssar Westerlund.Xc 23adb0ddaeSAssar Westerlund.Oc 245e9cd1aeSAssar Westerlund.Oo Fl l Ar time \*(Ba Xo 25adb0ddaeSAssar Westerlund.Fl -lifetime= Ns Ar time 265e9cd1aeSAssar Westerlund.Xc 27adb0ddaeSAssar Westerlund.Oc 285e9cd1aeSAssar Westerlund.Op Fl p | Fl -proxiable 295e9cd1aeSAssar Westerlund.Op Fl R | Fl -renew 30b528cefcSMark Murray.Op Fl -renewable 315e9cd1aeSAssar Westerlund.Oo Fl r Ar time \*(Ba Xo 32adb0ddaeSAssar Westerlund.Fl -renewable-life= Ns Ar time 335e9cd1aeSAssar Westerlund.Xc 34adb0ddaeSAssar Westerlund.Oc 355e9cd1aeSAssar Westerlund.Oo Fl S Ar principal \*(Ba Xo 36adb0ddaeSAssar Westerlund.Fl -server= Ns Ar principal 375e9cd1aeSAssar Westerlund.Xc 38adb0ddaeSAssar Westerlund.Oc 395e9cd1aeSAssar Westerlund.Oo Fl s Ar time \*(Ba Xo 40adb0ddaeSAssar Westerlund.Fl -start-time= Ns Ar time 415e9cd1aeSAssar Westerlund.Xc 42adb0ddaeSAssar Westerlund.Oc 435e9cd1aeSAssar Westerlund.Op Fl k | Fl -use-keytab 445e9cd1aeSAssar Westerlund.Op Fl v | Fl -validate 454137ff4cSJacques Vidrine.Oo Fl e Ar enctypes \*(Ba Xo 464137ff4cSJacques Vidrine.Fl -enctypes= Ns Ar enctypes 475e9cd1aeSAssar Westerlund.Xc 48adb0ddaeSAssar Westerlund.Oc 495e9cd1aeSAssar Westerlund.Op Fl -fcache-version= Ns Ar integer 5013e3f4d6SMark Murray.Op Fl -no-addresses 515e9cd1aeSAssar Westerlund.Op Fl -anonymous 52b528cefcSMark Murray.Op Fl -version 53b528cefcSMark Murray.Op Fl -help 54adb0ddaeSAssar Westerlund.Op Ar principal Op Ar command 55b528cefcSMark Murray.Sh DESCRIPTION 56b528cefcSMark Murray.Nm 57b528cefcSMark Murrayis used to authenticate to the kerberos server as 58b528cefcSMark Murray.Ar principal , 595e9cd1aeSAssar Westerlundor if none is given, a system generated default (typically your login 605e9cd1aeSAssar Westerlundname at the default realm), and acquire a ticket granting ticket that 615e9cd1aeSAssar Westerlundcan later be used to obtain tickets for other services. 625e9cd1aeSAssar Westerlund.Pp 634137ff4cSJacques VidrineIf you have compiled 644137ff4cSJacques Vidrine.Nm kinit 654137ff4cSJacques Vidrinewith Kerberos 4 support and you have a 665e9cd1aeSAssar WesterlundKerberos 4 server, 675e9cd1aeSAssar Westerlund.Nm 685e9cd1aeSAssar Westerlundwill detect this and get you Kerberos 4 tickets. 695e9cd1aeSAssar Westerlund.Pp 70b528cefcSMark MurraySupported options: 71b528cefcSMark Murray.Bl -tag -width Ds 72b528cefcSMark Murray.It Xo 73b528cefcSMark Murray.Fl c Ar cachename 74b528cefcSMark Murray.Fl -cache= Ns Ar cachename 75b528cefcSMark Murray.Xc 76b528cefcSMark MurrayThe credentials cache to put the acquired ticket in, if other than 77b528cefcSMark Murraydefault. 78b528cefcSMark Murray.It Xo 79b528cefcSMark Murray.Fl f Ns , 80b528cefcSMark Murray.Fl -forwardable 81b528cefcSMark Murray.Xc 82b528cefcSMark MurrayGet ticket that can be forwarded to another host. 83b528cefcSMark Murray.It Xo 84b528cefcSMark Murray.Fl t Ar keytabname Ns , 85b528cefcSMark Murray.Fl -keytab= Ns Ar keytabname 86b528cefcSMark Murray.Xc 87b528cefcSMark MurrayDon't ask for a password, but instead get the key from the specified 88b528cefcSMark Murraykeytab. 89b528cefcSMark Murray.It Xo 905e9cd1aeSAssar Westerlund.Fl l Ar time Ns , 915e9cd1aeSAssar Westerlund.Fl -lifetime= Ns Ar time 92b528cefcSMark Murray.Xc 935e9cd1aeSAssar WesterlundSpecifies the lifetime of the ticket. The argument can either be in 945e9cd1aeSAssar Westerlundseconds, or a more human readable string like 955e9cd1aeSAssar Westerlund.Sq 1h . 96b528cefcSMark Murray.It Xo 97b528cefcSMark Murray.Fl p Ns , 98b528cefcSMark Murray.Fl -proxiable 99b528cefcSMark Murray.Xc 100b528cefcSMark MurrayRequest tickets with the proxiable flag set. 101b528cefcSMark Murray.It Xo 102b528cefcSMark Murray.Fl R Ns , 103b528cefcSMark Murray.Fl -renew 104b528cefcSMark Murray.Xc 105b528cefcSMark MurrayTry to renew ticket. The ticket must have the 106b528cefcSMark Murray.Sq renewable 107b528cefcSMark Murrayflag set, and must not be expired. 108b528cefcSMark Murray.It Fl -renewable 109b528cefcSMark MurrayThe same as 110b528cefcSMark Murray.Fl -renewable-life , 111b528cefcSMark Murraywith an infinite time. 112b528cefcSMark Murray.It Xo 1135e9cd1aeSAssar Westerlund.Fl r Ar time Ns , 1145e9cd1aeSAssar Westerlund.Fl -renewable-life= Ns Ar time 115b528cefcSMark Murray.Xc 116b528cefcSMark MurrayThe max renewable ticket life. 117b528cefcSMark Murray.It Xo 118b528cefcSMark Murray.Fl S Ar principal Ns , 119b528cefcSMark Murray.Fl -server= Ns Ar principal 120b528cefcSMark Murray.Xc 121b528cefcSMark MurrayGet a ticket for a service other than krbtgt/LOCAL.REALM. 122b528cefcSMark Murray.It Xo 1235e9cd1aeSAssar Westerlund.Fl s Ar time Ns , 1245e9cd1aeSAssar Westerlund.Fl -start-time= Ns Ar time 125b528cefcSMark Murray.Xc 1265e9cd1aeSAssar WesterlundObtain a ticket that starts to be valid 1275e9cd1aeSAssar Westerlund.Ar time 1285e9cd1aeSAssar Westerlund(which can really be a generic time specification, like 1295e9cd1aeSAssar Westerlund.Sq 1h ) 1305e9cd1aeSAssar Westerlundseconds into the future. 131b528cefcSMark Murray.It Xo 132b528cefcSMark Murray.Fl k Ns , 133b528cefcSMark Murray.Fl -use-keytab 134b528cefcSMark Murray.Xc 135b528cefcSMark MurrayThe same as 136b528cefcSMark Murray.Fl -keytab , 137b528cefcSMark Murraybut with the default keytab name (normally 138b528cefcSMark Murray.Ar FILE:/etc/krb5.keytab ) . 139b528cefcSMark Murray.It Xo 140b528cefcSMark Murray.Fl v Ns , 141b528cefcSMark Murray.Fl -validate 142b528cefcSMark Murray.Xc 143b528cefcSMark MurrayTry to validate an invalid ticket. 144b528cefcSMark Murray.It Xo 145b528cefcSMark Murray.Fl e , 146b528cefcSMark Murray.Fl -enctypes= Ns Ar enctypes 147b528cefcSMark Murray.Xc 148b528cefcSMark MurrayRequest tickets with this particular enctype. 149b528cefcSMark Murray.It Xo 150b528cefcSMark Murray.Fl -fcache-version= Ns Ar version 151b528cefcSMark Murray.Xc 152b528cefcSMark MurrayCreate a credentials cache of version 153b528cefcSMark Murray.Nm version . 154b528cefcSMark Murray.It Xo 15513e3f4d6SMark Murray.Fl -no-addresses 156b528cefcSMark Murray.Xc 157b528cefcSMark MurrayRequest a ticket with no addresses. 1585e9cd1aeSAssar Westerlund.It Xo 1595e9cd1aeSAssar Westerlund.Fl -anonymous 1605e9cd1aeSAssar Westerlund.Xc 1615e9cd1aeSAssar WesterlundRequest an anonymous ticket (which means that the ticket will be 1625e9cd1aeSAssar Westerlundissued to an anonymous principal, typically 1635e9cd1aeSAssar Westerlund.Dq anonymous@REALM). 164b528cefcSMark Murray.El 1655e9cd1aeSAssar Westerlund.Pp 166b528cefcSMark MurrayThe following options are only available if 167b528cefcSMark Murray.Nm 1684137ff4cSJacques Vidrinehas been compiled with support for Kerberos 4. 169b528cefcSMark Murray.Bl -tag -width Ds 170b528cefcSMark Murray.It Xo 171b528cefcSMark Murray.Fl 4 Ns , 172b528cefcSMark Murray.Fl -524init 173b528cefcSMark Murray.Xc 1744137ff4cSJacques VidrineTry to convert the obtained Kerberos 5 krbtgt to a version 4 1754137ff4cSJacques Vidrinecompatible ticket. It will store this ticket in the default Kerberos 4 1764137ff4cSJacques Vidrineticket file. 1774137ff4cSJacques Vidrine.It Xo 1784137ff4cSJacques Vidrine.Fl 9 Ns , 1794137ff4cSJacques Vidrine.Fl -524convert 1804137ff4cSJacques Vidrine.Xc 1814137ff4cSJacques Vidrineonly convert ticket to version 4 182b528cefcSMark Murray.It Fl -afslog 183b528cefcSMark MurrayGets AFS tickets, converts them to version 4 format, and stores them 184b528cefcSMark Murrayin the kernel. Only useful if you have AFS. 185b528cefcSMark Murray.El 1865e9cd1aeSAssar Westerlund.Pp 1875e9cd1aeSAssar WesterlundThe 1885e9cd1aeSAssar Westerlund.Ar forwardable , 1895e9cd1aeSAssar Westerlund.Ar proxiable , 1905e9cd1aeSAssar Westerlund.Ar ticket_life , 1915e9cd1aeSAssar Westerlundand 1925e9cd1aeSAssar Westerlund.Ar renewable_life 1935e9cd1aeSAssar Westerlundoptions can be set to a default value from the 1945e9cd1aeSAssar Westerlund.Dv appdefaults 1955e9cd1aeSAssar Westerlundsection in krb5.conf, see 1965e9cd1aeSAssar Westerlund.Xr krb5_appdefault 3 . 197adb0ddaeSAssar Westerlund.Pp 198adb0ddaeSAssar WesterlundIf a 199adb0ddaeSAssar Westerlund.Ar command 200adb0ddaeSAssar Westerlundis given, 201adb0ddaeSAssar Westerlund.Nm kinit 202adb0ddaeSAssar Westerlundwill setup new credentials caches, and AFS PAG, and then run the given 203adb0ddaeSAssar Westerlundcommand. When it finishes the credentials will be removed. 204b528cefcSMark Murray.Sh ENVIRONMENT 205b528cefcSMark Murray.Bl -tag -width Ds 206b528cefcSMark Murray.It Ev KRB5CCNAME 2074137ff4cSJacques VidrineSpecifies the default credentials cache. 208b528cefcSMark Murray.It Ev KRB5_CONFIG 2094137ff4cSJacques VidrineThe file name of 210b528cefcSMark Murray.Pa krb5.conf 2114137ff4cSJacques Vidrine, the default being 2124137ff4cSJacques Vidrine.Pa /etc/krb5.conf . 213b528cefcSMark Murray.It Ev KRBTKFILE 214b528cefcSMark MurraySpecifies the Kerberos 4 ticket file to store version 4 tickets in. 215b528cefcSMark Murray.El 216b528cefcSMark Murray.\".Sh FILES 217b528cefcSMark Murray.\".Sh EXAMPLES 218b528cefcSMark Murray.\".Sh DIAGNOSTICS 219b528cefcSMark Murray.Sh SEE ALSO 2205e9cd1aeSAssar Westerlund.Xr kdestroy 1 , 221b528cefcSMark Murray.Xr klist 1 , 2224137ff4cSJacques Vidrine.Xr krb5_appdefault 3 , 2234137ff4cSJacques Vidrine.Xr krb5.conf 5 224b528cefcSMark Murray.\".Sh STANDARDS 225b528cefcSMark Murray.\".Sh HISTORY 226b528cefcSMark Murray.\".Sh AUTHORS 227b528cefcSMark Murray.\".Sh BUGS 228