1.\" $Id: kinit.1,v 1.3 1999/05/14 14:02:49 assar Exp $ 2.\" 3.Dd May 29, 1998 4.Dt KAUTH 1 5.Os HEIMDAL 6.Sh NAME 7.Nm kauth 8.Nd 9acquire initial tickets 10.Sh SYNOPSIS 11.Nm 12.Op Fl 4 13.Op Fl -524init 14.Op Fl -afslog 15.Op Fl c Ar cachename 16.Op Fl -cache= Ns Ar cachename 17.Op Fl c Ar cachename 18.Op Fl -cache= Ns Ar cachename 19.Op Fl f 20.Op Fl -forwardable 21.Op Fl t Ar keytabname 22.Op Fl -keytab= Ns Ar keytabname 23.Op Fl l Ar seconds 24.Op Fl -lifetime= Ns Ar seconds 25.Op Fl p 26.Op Fl -proxiable 27.Op Fl R 28.Op Fl -renew 29.Op Fl -renewable 30.Op Fl r Ar seconds 31.Op Fl -renewable-life= Ns Ar seconds 32.Op Fl S Ar principal 33.Op Fl -server= Ns Ar principal 34.Op Fl s Ar seconds 35.Op Fl -start-time= Ns Ar seconds 36.Op Fl k 37.Op Fl -use-keytab 38.Op Fl v 39.Op Fl -validate 40.Op Fl e 41.Op Fl -enctypes= Ns Ar enctypes 42.Op Fl -fcache-version= Ns Ar version 43.Op Fl -noaddresses 44.Op Fl -version 45.Op Fl -help 46.Op Ar principal 47.Sh DESCRIPTION 48.Nm 49is used to authenticate to the kerberos server as 50.Ar principal , 51or if none is given, a system generated default, and acquire a ticket 52granting ticket that can later be used to obtain tickets for other 53services. 54Supported options: 55.Bl -tag -width Ds 56.It Xo 57.Fl c Ar cachename 58.Fl -cache= Ns Ar cachename 59.Xc 60The credentials cache to put the acquired ticket in, if other than 61default. 62.It Xo 63.Fl f Ns , 64.Fl -forwardable 65.Xc 66Get ticket that can be forwarded to another host. 67.It Xo 68.Fl t Ar keytabname Ns , 69.Fl -keytab= Ns Ar keytabname 70.Xc 71Don't ask for a password, but instead get the key from the specified 72keytab. 73.It Xo 74.Fl l Ar seconds Ns , 75.Fl -lifetime= Ns Ar seconds 76.Xc 77Specifies the lifetime of the ticket. 78.It Xo 79.Fl p Ns , 80.Fl -proxiable 81.Xc 82Request tickets with the proxiable flag set. 83.It Xo 84.Fl R Ns , 85.Fl -renew 86.Xc 87Try to renew ticket. The ticket must have the 88.Sq renewable 89flag set, and must not be expired. 90.It Fl -renewable 91The same as 92.Fl -renewable-life , 93with an infinite time. 94.It Xo 95.Fl r Ar seconds Ns , 96.Fl -renewable-life= Ns Ar seconds 97.Xc 98The max renewable ticket life. 99.It Xo 100.Fl S Ar principal Ns , 101.Fl -server= Ns Ar principal 102.Xc 103Get a ticket for a service other than krbtgt/LOCAL.REALM. 104.It Xo 105.Fl s Ar seconds Ns , 106.Fl -start-time= Ns Ar seconds 107.Xc 108Start time of ticket, if other than the current time. 109.It Xo 110.Fl k Ns , 111.Fl -use-keytab 112.Xc 113The same as 114.Fl -keytab , 115but with the default keytab name (normally 116.Ar FILE:/etc/krb5.keytab ) . 117.It Xo 118.Fl v Ns , 119.Fl -validate 120.Xc 121Try to validate an invalid ticket. 122.It Xo 123.Fl e , 124.Fl -enctypes= Ns Ar enctypes 125.Xc 126Request tickets with this particular enctype. 127.It Xo 128.Fl -fcache-version= Ns Ar version 129.Xc 130Create a credentials cache of version 131.Nm version . 132.It Xo 133.Fl -noaddresses 134.Xc 135Request a ticket with no addresses. 136.El 137 138The following options are only available if 139.Nm 140has been compiled with support for Kerberos 4. 141.Bl -tag -width Ds 142.It Xo 143.Fl 4 Ns , 144.Fl -524init 145.Xc 146Try to convert the obtained krbtgt to a version 4 compatible 147ticket. It will store this ticket in the default Kerberos 4 ticket 148file. 149.It Fl -afslog 150Gets AFS tickets, converts them to version 4 format, and stores them 151in the kernel. Only useful if you have AFS. 152.El 153.Sh ENVIRONMENT 154.Bl -tag -width Ds 155.It Ev KRB5CCNAME 156Specifies the default cache file. 157.It Ev KRB5_CONFIG 158The directory where the 159.Pa krb5.conf 160can be found, default is 161.Pa /etc . 162.It Ev KRBTKFILE 163Specifies the Kerberos 4 ticket file to store version 4 tickets in. 164.El 165.\".Sh FILES 166.\".Sh EXAMPLES 167.\".Sh DIAGNOSTICS 168.Sh SEE ALSO 169.Xr krb5.conf 5 , 170.Xr klist 1 , 171.Xr kdestroy 1 172.\".Sh STANDARDS 173.\".Sh HISTORY 174.\".Sh AUTHORS 175.\".Sh BUGS 176