11.Sh SYNOPSIS 12.Nm kinit 13.Op Fl 4 | Fl -524init 14.Op Fl -afslog 15.Oo Fl c Ar cachename \*(Ba Xo 16.Fl -cache= Ns Ar cachename Oc 17.Xc 18.Op Fl f | Fl -forwardable 19.Oo Fl t Ar keytabname \*(Ba Xo 20.Fl -keytab= Ns Ar keytabname Oc 21.Xc 22.Oo Fl l Ar time \*(Ba Xo 23.Fl -lifetime= Ns Ar time Oc 24.Xc 25.Op Fl p | Fl -proxiable 26.Op Fl R | Fl -renew 27.Op Fl -renewable 28.Oo Fl r Ar time \*(Ba Xo 29.Fl -renewable-life= Ns Ar time Oc 30.Xc 31.Oo Fl S Ar principal \*(Ba Xo 32.Fl -server= Ns Ar principal Oc 33.Xc 34.Oo Fl s Ar time \*(Ba Xo 35.Fl -start-time= Ns Ar time Oc 36.Xc 37.Op Fl k | Fl -use-keytab 38.Op Fl v | Fl -validate 39.Oo Fl e Ar enctype \*(Ba Xo 40.Fl -enctypes= Ns Ar enctype Oc 41.Xc 42.Op Fl -fcache-version= Ns Ar integer 43.Op Fl -no-addresses 44.Op Fl -anonymous 45.Op Fl -version 46.Op Fl -help 47.Op Ar principal 48.Sh DESCRIPTION 49.Nm 50is used to authenticate to the kerberos server as 51.Ar principal , 52or if none is given, a system generated default (typically your login 53name at the default realm), and acquire a ticket granting ticket that 54can later be used to obtain tickets for other services. 55.Pp 56If you have compiled kinit with Kerberos 4 support and you have a 57Kerberos 4 server, 58.Nm 59will detect this and get you Kerberos 4 tickets. 60.Pp 61Supported options: 62.Bl -tag -width Ds 63.It Xo 64.Fl c Ar cachename 65.Fl -cache= Ns Ar cachename 66.Xc 67The credentials cache to put the acquired ticket in, if other than 68default. 69.It Xo 70.Fl f Ns , 71.Fl -forwardable 72.Xc 73Get ticket that can be forwarded to another host. 74.It Xo 75.Fl t Ar keytabname Ns , 76.Fl -keytab= Ns Ar keytabname 77.Xc 78Don't ask for a password, but instead get the key from the specified 79keytab. 80.It Xo 81.Fl l Ar time Ns , 82.Fl -lifetime= Ns Ar time 83.Xc 84Specifies the lifetime of the ticket. The argument can either be in 85seconds, or a more human readable string like 86.Sq 1h . 87.It Xo 88.Fl p Ns , 89.Fl -proxiable 90.Xc 91Request tickets with the proxiable flag set. 92.It Xo 93.Fl R Ns , 94.Fl -renew 95.Xc 96Try to renew ticket. The ticket must have the 97.Sq renewable 98flag set, and must not be expired. 99.It Fl -renewable 100The same as 101.Fl -renewable-life , 102with an infinite time. 103.It Xo 104.Fl r Ar time Ns , 105.Fl -renewable-life= Ns Ar time 106.Xc 107The max renewable ticket life. 108.It Xo 109.Fl S Ar principal Ns , 110.Fl -server= Ns Ar principal 111.Xc 112Get a ticket for a service other than krbtgt/LOCAL.REALM. 113.It Xo 114.Fl s Ar time Ns , 115.Fl -start-time= Ns Ar time 116.Xc 117Obtain a ticket that starts to be valid 118.Ar time 119(which can really be a generic time specification, like 120.Sq 1h ) 121seconds into the future. 122.It Xo 123.Fl k Ns , 124.Fl -use-keytab 125.Xc 126The same as 127.Fl -keytab , 128but with the default keytab name (normally 129.Ar FILE:/etc/krb5.keytab ) . 130.It Xo 131.Fl v Ns , 132.Fl -validate 133.Xc 134Try to validate an invalid ticket. 135.It Xo 136.Fl e , 137.Fl -enctypes= Ns Ar enctypes 138.Xc 139Request tickets with this particular enctype. 140.It Xo 141.Fl -fcache-version= Ns Ar version 142.Xc 143Create a credentials cache of version 144.Nm version . 145.It Xo 146.Fl -no-addresses 147.Xc 148Request a ticket with no addresses. 149.It Xo 150.Fl -anonymous 151.Xc 152Request an anonymous ticket (which means that the ticket will be 153issued to an anonymous principal, typically 154.Dq anonymous@REALM). 155.El 156.Pp 157The following options are only available if 158.Nm 159has been compiled with support for Kerberos 4. The 160.Nm kauth 161program is identical to 162.Nm kinit , 163but has these options enabled by 164default. 165.Bl -tag -width Ds 166.It Xo 167.Fl 4 Ns , 168.Fl -524init 169.Xc 170Try to convert the obtained Kerberos 5 krbtgt to a version 4 compatible 171ticket. It will store this ticket in the default Kerberos 4 ticket 172file. 173.It Fl -afslog 174Gets AFS tickets, converts them to version 4 format, and stores them 175in the kernel. Only useful if you have AFS. 176.El 177.Pp 178The 179.Ar forwardable , 180.Ar proxiable , 181.Ar ticket_life , 182and 183.Ar renewable_life 184options can be set to a default value from the 185.Dv appdefaults 186section in krb5.conf, see 187.Xr krb5_appdefault 3 . 188.Sh ENVIRONMENT 189.Bl -tag -width Ds 190.It Ev KRB5CCNAME 191Specifies the default cache file. 192.It Ev KRB5_CONFIG 193The directory where the 194.Pa krb5.conf 195can be found, default is 196.Pa /etc . 197.It Ev KRBTKFILE 198Specifies the Kerberos 4 ticket file to store version 4 tickets in. 199.El 200.\".Sh FILES 201.\".Sh EXAMPLES 202.\".Sh DIAGNOSTICS 203.Sh SEE ALSO 204.Xr kdestroy 1 , 205.Xr klist 1 , 206.Xr krb5.conf 5 , 207.Xr krb5_appdefault 3 208.\".Sh STANDARDS 209.\".Sh HISTORY 210.\".Sh AUTHORS 211.\".Sh BUGS
| 10.Sh SYNOPSIS 11.Nm kinit 12.Op Fl 4 | Fl -524init 13.Op Fl -afslog 14.Oo Fl c Ar cachename \*(Ba Xo 15.Fl -cache= Ns Ar cachename Oc 16.Xc 17.Op Fl f | Fl -forwardable 18.Oo Fl t Ar keytabname \*(Ba Xo 19.Fl -keytab= Ns Ar keytabname Oc 20.Xc 21.Oo Fl l Ar time \*(Ba Xo 22.Fl -lifetime= Ns Ar time Oc 23.Xc 24.Op Fl p | Fl -proxiable 25.Op Fl R | Fl -renew 26.Op Fl -renewable 27.Oo Fl r Ar time \*(Ba Xo 28.Fl -renewable-life= Ns Ar time Oc 29.Xc 30.Oo Fl S Ar principal \*(Ba Xo 31.Fl -server= Ns Ar principal Oc 32.Xc 33.Oo Fl s Ar time \*(Ba Xo 34.Fl -start-time= Ns Ar time Oc 35.Xc 36.Op Fl k | Fl -use-keytab 37.Op Fl v | Fl -validate 38.Oo Fl e Ar enctype \*(Ba Xo 39.Fl -enctypes= Ns Ar enctype Oc 40.Xc 41.Op Fl -fcache-version= Ns Ar integer 42.Op Fl -no-addresses 43.Op Fl -anonymous 44.Op Fl -version 45.Op Fl -help 46.Op Ar principal 47.Sh DESCRIPTION 48.Nm 49is used to authenticate to the kerberos server as 50.Ar principal , 51or if none is given, a system generated default (typically your login 52name at the default realm), and acquire a ticket granting ticket that 53can later be used to obtain tickets for other services. 54.Pp 55If you have compiled kinit with Kerberos 4 support and you have a 56Kerberos 4 server, 57.Nm 58will detect this and get you Kerberos 4 tickets. 59.Pp 60Supported options: 61.Bl -tag -width Ds 62.It Xo 63.Fl c Ar cachename 64.Fl -cache= Ns Ar cachename 65.Xc 66The credentials cache to put the acquired ticket in, if other than 67default. 68.It Xo 69.Fl f Ns , 70.Fl -forwardable 71.Xc 72Get ticket that can be forwarded to another host. 73.It Xo 74.Fl t Ar keytabname Ns , 75.Fl -keytab= Ns Ar keytabname 76.Xc 77Don't ask for a password, but instead get the key from the specified 78keytab. 79.It Xo 80.Fl l Ar time Ns , 81.Fl -lifetime= Ns Ar time 82.Xc 83Specifies the lifetime of the ticket. The argument can either be in 84seconds, or a more human readable string like 85.Sq 1h . 86.It Xo 87.Fl p Ns , 88.Fl -proxiable 89.Xc 90Request tickets with the proxiable flag set. 91.It Xo 92.Fl R Ns , 93.Fl -renew 94.Xc 95Try to renew ticket. The ticket must have the 96.Sq renewable 97flag set, and must not be expired. 98.It Fl -renewable 99The same as 100.Fl -renewable-life , 101with an infinite time. 102.It Xo 103.Fl r Ar time Ns , 104.Fl -renewable-life= Ns Ar time 105.Xc 106The max renewable ticket life. 107.It Xo 108.Fl S Ar principal Ns , 109.Fl -server= Ns Ar principal 110.Xc 111Get a ticket for a service other than krbtgt/LOCAL.REALM. 112.It Xo 113.Fl s Ar time Ns , 114.Fl -start-time= Ns Ar time 115.Xc 116Obtain a ticket that starts to be valid 117.Ar time 118(which can really be a generic time specification, like 119.Sq 1h ) 120seconds into the future. 121.It Xo 122.Fl k Ns , 123.Fl -use-keytab 124.Xc 125The same as 126.Fl -keytab , 127but with the default keytab name (normally 128.Ar FILE:/etc/krb5.keytab ) . 129.It Xo 130.Fl v Ns , 131.Fl -validate 132.Xc 133Try to validate an invalid ticket. 134.It Xo 135.Fl e , 136.Fl -enctypes= Ns Ar enctypes 137.Xc 138Request tickets with this particular enctype. 139.It Xo 140.Fl -fcache-version= Ns Ar version 141.Xc 142Create a credentials cache of version 143.Nm version . 144.It Xo 145.Fl -no-addresses 146.Xc 147Request a ticket with no addresses. 148.It Xo 149.Fl -anonymous 150.Xc 151Request an anonymous ticket (which means that the ticket will be 152issued to an anonymous principal, typically 153.Dq anonymous@REALM). 154.El 155.Pp 156The following options are only available if 157.Nm 158has been compiled with support for Kerberos 4. The 159.Nm kauth 160program is identical to 161.Nm kinit , 162but has these options enabled by 163default. 164.Bl -tag -width Ds 165.It Xo 166.Fl 4 Ns , 167.Fl -524init 168.Xc 169Try to convert the obtained Kerberos 5 krbtgt to a version 4 compatible 170ticket. It will store this ticket in the default Kerberos 4 ticket 171file. 172.It Fl -afslog 173Gets AFS tickets, converts them to version 4 format, and stores them 174in the kernel. Only useful if you have AFS. 175.El 176.Pp 177The 178.Ar forwardable , 179.Ar proxiable , 180.Ar ticket_life , 181and 182.Ar renewable_life 183options can be set to a default value from the 184.Dv appdefaults 185section in krb5.conf, see 186.Xr krb5_appdefault 3 . 187.Sh ENVIRONMENT 188.Bl -tag -width Ds 189.It Ev KRB5CCNAME 190Specifies the default cache file. 191.It Ev KRB5_CONFIG 192The directory where the 193.Pa krb5.conf 194can be found, default is 195.Pa /etc . 196.It Ev KRBTKFILE 197Specifies the Kerberos 4 ticket file to store version 4 tickets in. 198.El 199.\".Sh FILES 200.\".Sh EXAMPLES 201.\".Sh DIAGNOSTICS 202.Sh SEE ALSO 203.Xr kdestroy 1 , 204.Xr klist 1 , 205.Xr krb5.conf 5 , 206.Xr krb5_appdefault 3 207.\".Sh STANDARDS 208.\".Sh HISTORY 209.\".Sh AUTHORS 210.\".Sh BUGS
|