mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-28 22:36:24 +01:00
134 lines
2.7 KiB
Groff
134 lines
2.7 KiB
Groff
|
.\" from: kinit.1,v 4.6 89/01/23 11:39:11 jtkohl Exp $
|
||
|
.\" $Id: kinit.1,v 1.2 1994/07/19 19:27:36 g89r4222 Exp $
|
||
|
.\" Copyright 1989 by the Massachusetts Institute of Technology.
|
||
|
.\"
|
||
|
.\" For copying and distribution information,
|
||
|
.\" please see the file <Copyright.MIT>.
|
||
|
.\"
|
||
|
.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena"
|
||
|
.SH NAME
|
||
|
kinit \- Kerberos login utility
|
||
|
.SH SYNOPSIS
|
||
|
.B kinit
|
||
|
[
|
||
|
.B \-irvl
|
||
|
]
|
||
|
.SH DESCRIPTION
|
||
|
The
|
||
|
.I kinit
|
||
|
command is used to login to the
|
||
|
Kerberos
|
||
|
authentication and authorization system.
|
||
|
Note that only registered
|
||
|
Kerberos
|
||
|
users can use the
|
||
|
Kerberos
|
||
|
system.
|
||
|
For information about registering as a
|
||
|
Kerberos
|
||
|
user,
|
||
|
see the
|
||
|
.I kerberos(1)
|
||
|
manual page.
|
||
|
.PP
|
||
|
If you are logged in to a workstation that is running the
|
||
|
.I toehold
|
||
|
service,
|
||
|
you do not have to use
|
||
|
.I kinit.
|
||
|
The
|
||
|
.I toehold
|
||
|
login procedure will log you into
|
||
|
Kerberos
|
||
|
automatically.
|
||
|
You will need to use
|
||
|
.I kinit
|
||
|
only in those situations in which
|
||
|
your original tickets have expired.
|
||
|
(Tickets expire in about a day.)
|
||
|
Note as well that
|
||
|
.I toehold
|
||
|
will automatically destroy your tickets when you logout from the workstation.
|
||
|
.PP
|
||
|
When you use
|
||
|
.I kinit
|
||
|
without options,
|
||
|
the utility
|
||
|
prompts for your username and Kerberos password,
|
||
|
and tries to authenticate your login with the local
|
||
|
Kerberos
|
||
|
server.
|
||
|
.PP
|
||
|
If
|
||
|
Kerberos
|
||
|
authenticates the login attempt,
|
||
|
.I kinit
|
||
|
retrieves your initial ticket and puts it in the ticket file specified by
|
||
|
your KRBTKFILE environment variable.
|
||
|
If this variable is undefined,
|
||
|
your ticket will be stored in the
|
||
|
.IR /tmp
|
||
|
directory,
|
||
|
in the file
|
||
|
.I tktuid ,
|
||
|
where
|
||
|
.I uid
|
||
|
specifies your user identification number.
|
||
|
.PP
|
||
|
If you have logged in to
|
||
|
Kerberos
|
||
|
without the benefit of the workstation
|
||
|
.I toehold
|
||
|
system,
|
||
|
make sure you use the
|
||
|
.I kdestroy
|
||
|
command to destroy any active tickets before you end your login session.
|
||
|
You may want to put the
|
||
|
.I kdestroy
|
||
|
command in your
|
||
|
.I \.logout
|
||
|
file so that your tickets will be destroyed automatically when you logout.
|
||
|
.PP
|
||
|
The options to
|
||
|
.I kinit
|
||
|
are as follows:
|
||
|
.TP 7
|
||
|
.B \-i
|
||
|
.I kinit
|
||
|
prompts you for a
|
||
|
Kerberos
|
||
|
instance.
|
||
|
.TP
|
||
|
.B \-r
|
||
|
.I kinit
|
||
|
prompts you for a
|
||
|
Kerberos
|
||
|
realm.
|
||
|
This option lets you authenticate yourself with a remote
|
||
|
Kerberos
|
||
|
server.
|
||
|
.TP
|
||
|
.B \-v
|
||
|
Verbose mode.
|
||
|
.I kinit
|
||
|
prints the name of the ticket file used, and
|
||
|
a status message indicating the success or failure of
|
||
|
your login attempt.
|
||
|
.TP
|
||
|
.B \-l
|
||
|
.I kinit
|
||
|
prompts you for a ticket lifetime in minutes. Due to protocol
|
||
|
restrictions in Kerberos Version 4, this value must be between 5 and
|
||
|
1275 minutes.
|
||
|
.SH SEE ALSO
|
||
|
.PP
|
||
|
kerberos(1), kdestroy(1), klist(1), toehold(1)
|
||
|
.SH BUGS
|
||
|
The
|
||
|
.B \-r
|
||
|
option has not been fully implemented.
|
||
|
.SH AUTHORS
|
||
|
Steve Miller, MIT Project Athena/Digital Equipment Corporation
|
||
|
.br
|
||
|
Clifford Neuman, MIT Project Athena
|