1:kinit-java-1 5 0-sun

From Linux Man Pages

Jump to: navigation, search
      kinit [ commands ] <principal name>

Contents

NAME

      kinit - kinit is used to obtain and cache Kerberos ticket-granting tickets. This tool is similar in functionality
      to the kinit tool that are commonly found in other Kerberos implementations,  such  as  SEAM  and  MIT  Reference
      implementations.
 
      The use must be registered as a principal with the Key Distribution Center (KDC) prior to running kinit.

DESCRIPTION

      By  default,  for  all Unix platforms a cache file named /tmp/krb5cc_<uid> will  be generated.  <uid> is the user
      identification number of the user  logged  into  the  system.  For  all  other  platforms,  a  cache  file  named
      <USER_HOME>/krb5cc_<USER_NAME> would be generated.
 
      <USER_HOME>   is   obtained   from  the  java.lang.System  property  user.home.   <USER_NAME>  is  obtained  from
      java.lang.System property user.name.  If <USER_HOME> is null, the cache file  would  be  stored  in  the  current
      directory  that the program is running from.  <USER_NAME> is the operating system's login username. This username
      could be different than the user's principal name. For example on Solaris, it could be /home/duke/krb5cc_duke, in
      which duke is the <USER_NAME> and  /home/duke is the <USER_HOME>.
 
      By default, the keytab name is retrieved from the Kerberos configuration file. If the keytab name is not specifed
      in the Kerberos configuration file, the name is assumed to be <USER_HOME>/krb5.keytab
 
      If you do not specify the password using the password option on the command line, kinit will prompt you  for  the
      password.
 
      Note:  password  is  provided  only  for testing purposes. Do not place your password in a script or provide your
      password on the command line. Doing so will compromise your password.
 
      For more information see the man pages for kinit.

COMMANDS

      kinit -fp [ -c <cache_name> ] [ -k ] [ -t <keytab_filename> ] [ <principal> ] [ <password> ] [ -help ]
 
      -f     Issue a forwardable ticket.
 
      -p     Issue a proxiable ticket.
 
      -c     <cache_name> The cache name (i.e., FILE:/temp/mykrb5cc).
 
      -k     Use keytab
 
      -t     <keytab_filename> The keytab name (i.e., /home/duke/krb5.keytab).
 
      <principal>
             The principal name (i.e., duke@java.sun.com).
 
      <password>
             The principal's Kerberos password.  (DO NOT SPECIFY ON COMMAND LINE OR IN A SCRIPT.)
 
      -help  Display instructions.

EXAMPLES

      Requesting credentials valid for authentication from the current client host, for the default  services,  storing
      the credentials cache in the default location (/home/duke/krb5cc_duke):
 
      kinit duke@JAVA.SUN.COM
 
      Requesting  proxiable  credentials  for  a  different principal and storing these credentials in a specified file
      cache:
 
      kinit -p -c FILE:/home/duke/credentials/krb5cc_cafebeef
      cafebeef@JAVA.SUN.COM
 
      Requesting proxiable and forwardable credentials for a different principal and storing  these  credentials  in  a
      specified file cache:
 
      kinit -f -p -c
      FILE:/home/duke/credentials/krb5cc_cafebeef
      cafebeef@JAVA.SUN.COM
 
      Displaying the help menu for kinit:
 
      kinit -help

SECURITY ALERT

      The  password flag is for testing purposes only. Do not specify your password on the command line.  Doing so is a
      security hole since an attacker could discover your password while running the Unix ps command, for example.

CATEGORY

Retrieved from "http://man-wiki.net/index.php/1:kinit-java-1_5_0-sun"
Personal tools