mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-16 23:57:54 +01:00
60643d379b
(Including all changes for FreeBSD - importing the original eBones distribution would be too complex at this stage, since I don't have access to Piero's CVS.) (If you want to include eBones in your system, don't forget to include MAKE_EBONES in /etc/make.conf.) (This stuff is now also suppable from braae.ru.ac.za.) Bones originally from MIT SIPB. Original port to FreeBSD 1.x by Piero Serini. Moved to FreeBSD 2.0 by Doug Rabson and Geoff Rehmet. Nice bug fixes from Doug Rabson.
134 lines
2.7 KiB
Groff
134 lines
2.7 KiB
Groff
.\" from: kinit.1,v 4.6 89/01/23 11:39:11 jtkohl Exp $
|
|
.\" $Id: kinit.1,v 1.2 1994/07/19 19:27:36 g89r4222 Exp $
|
|
.\" Copyright 1989 by the Massachusetts Institute of Technology.
|
|
.\"
|
|
.\" For copying and distribution information,
|
|
.\" please see the file <Copyright.MIT>.
|
|
.\"
|
|
.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena"
|
|
.SH NAME
|
|
kinit \- Kerberos login utility
|
|
.SH SYNOPSIS
|
|
.B kinit
|
|
[
|
|
.B \-irvl
|
|
]
|
|
.SH DESCRIPTION
|
|
The
|
|
.I kinit
|
|
command is used to login to the
|
|
Kerberos
|
|
authentication and authorization system.
|
|
Note that only registered
|
|
Kerberos
|
|
users can use the
|
|
Kerberos
|
|
system.
|
|
For information about registering as a
|
|
Kerberos
|
|
user,
|
|
see the
|
|
.I kerberos(1)
|
|
manual page.
|
|
.PP
|
|
If you are logged in to a workstation that is running the
|
|
.I toehold
|
|
service,
|
|
you do not have to use
|
|
.I kinit.
|
|
The
|
|
.I toehold
|
|
login procedure will log you into
|
|
Kerberos
|
|
automatically.
|
|
You will need to use
|
|
.I kinit
|
|
only in those situations in which
|
|
your original tickets have expired.
|
|
(Tickets expire in about a day.)
|
|
Note as well that
|
|
.I toehold
|
|
will automatically destroy your tickets when you logout from the workstation.
|
|
.PP
|
|
When you use
|
|
.I kinit
|
|
without options,
|
|
the utility
|
|
prompts for your username and Kerberos password,
|
|
and tries to authenticate your login with the local
|
|
Kerberos
|
|
server.
|
|
.PP
|
|
If
|
|
Kerberos
|
|
authenticates the login attempt,
|
|
.I kinit
|
|
retrieves your initial ticket and puts it in the ticket file specified by
|
|
your KRBTKFILE environment variable.
|
|
If this variable is undefined,
|
|
your ticket will be stored in the
|
|
.IR /tmp
|
|
directory,
|
|
in the file
|
|
.I tktuid ,
|
|
where
|
|
.I uid
|
|
specifies your user identification number.
|
|
.PP
|
|
If you have logged in to
|
|
Kerberos
|
|
without the benefit of the workstation
|
|
.I toehold
|
|
system,
|
|
make sure you use the
|
|
.I kdestroy
|
|
command to destroy any active tickets before you end your login session.
|
|
You may want to put the
|
|
.I kdestroy
|
|
command in your
|
|
.I \.logout
|
|
file so that your tickets will be destroyed automatically when you logout.
|
|
.PP
|
|
The options to
|
|
.I kinit
|
|
are as follows:
|
|
.TP 7
|
|
.B \-i
|
|
.I kinit
|
|
prompts you for a
|
|
Kerberos
|
|
instance.
|
|
.TP
|
|
.B \-r
|
|
.I kinit
|
|
prompts you for a
|
|
Kerberos
|
|
realm.
|
|
This option lets you authenticate yourself with a remote
|
|
Kerberos
|
|
server.
|
|
.TP
|
|
.B \-v
|
|
Verbose mode.
|
|
.I kinit
|
|
prints the name of the ticket file used, and
|
|
a status message indicating the success or failure of
|
|
your login attempt.
|
|
.TP
|
|
.B \-l
|
|
.I kinit
|
|
prompts you for a ticket lifetime in minutes. Due to protocol
|
|
restrictions in Kerberos Version 4, this value must be between 5 and
|
|
1275 minutes.
|
|
.SH SEE ALSO
|
|
.PP
|
|
kerberos(1), kdestroy(1), klist(1), toehold(1)
|
|
.SH BUGS
|
|
The
|
|
.B \-r
|
|
option has not been fully implemented.
|
|
.SH AUTHORS
|
|
Steve Miller, MIT Project Athena/Digital Equipment Corporation
|
|
.br
|
|
Clifford Neuman, MIT Project Athena
|