Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.


KLIST(1)                    General Commands Manual                   KLIST(1)

NAME
     klist - list Kerberos credentials

SYNOPSIS
     klist [-c cache | --cache=cache] [-s | -t | --test] [-T | --tokens]
           [-5 | --v5] [-v | --verbose] [-l | --list-caches] [-f] [--version]
           [--help]

DESCRIPTION
     klist reads and displays the current tickets in the credential cache
     (also known as the ticket file).

     Options supported:

     -c cache, --cache=cache
             credential cache to list

     -s, -t, --test
             Test for there being an active and valid TGT for the local realm
             of the user in the credential cache.

     -T, --tokens
             display AFS tokens

     -5, --v5
             display v5 cred cache (this is the default)

     -f      Include ticket flags in short form, each character stands for a
             specific flag, as follows:
                   F    forwardable
                   f    forwarded
                   P    proxiable
                   p    proxied
                   D    postdate-able
                   d    postdated
                   R    renewable
                   I    initial
                   i    invalid
                   A    pre-authenticated
                   H    hardware authenticated

             This information is also output with the --verbose option, but in
             a more verbose way.

     -v, --verbose
             Verbose output. Include all possible information:

                   Server
                         the principal the ticket is for

                   Ticket etype
                         the encryption type used in the ticket, followed by
                         the key version of the ticket, if it is available

                   Session key
                         the encryption type of the session key, if it's
                         different from the encryption type of the ticket

                   Auth time
                         the time the authentication exchange took place

                   Start time
                         the time that this ticket is valid from (only printed
                         if it's different from the auth time)

                   End time
                         when the ticket expires, if it has already expired
                         this is also noted

                   Renew till
                         the maximum possible end time of any ticket derived
                         from this one

                   Ticket flags
                         the flags set on the ticket

                   Addresses
                         the set of addresses from which this ticket is valid

     -l, --list-caches
             List the credential caches for the current users, not all cache
             types supports listing multiple caches.

SEE ALSO
     kdestroy(1), kinit(1)

NetBSD 10.99                    October 6, 2005                   NetBSD 10.99