unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

ktutil(1)                        User Commands                       ktutil(1)



NAME
       ktutil - Kerberos keytab maintenance utility

SYNOPSIS
       /usr/bin/ktutil

DESCRIPTION
       The ktutil command is an interactive command-line interface utility for
       managing  the keylist in keytab files. You  must  read  in  a  keytab's
       keylist   before  you  can manage it. Also, the user running the ktutil
       command must have read/write permissions on the keytab. For example, if
       a keytab is owned by root, which it typically is, ktutil must be run as
       root to have the appropriate permissions.

COMMANDS
       clear_list              Clears the current keylist.
       clear



       read_kt file            Reads a keytab into the  current  keylist.  You
       rkt file                must specify a keytab file to read.




       write_kt file           Writes  the  current  keylist to a keytab file.
       wkt file                You must specify a keytab file to write. If the
                               keytab file already exists, the current keylist
                               is appended to the existing keytab file.




       add_entry number        Adds an entry to the current  keylist.  Specify
       addent number           the entry by the keylist slot number.




       delete_entry number     Deletes  an  entry  from  the  current keylist.
       delent number           Specify the entry by the keylist slot number.




       list                    Lists the current keylist.
       l



       list_request            Lists available requests (commands).
       lr



       quit                    Exits utility.
       exit
       q



EXAMPLES
       Example 1: Deleting a principal from a file

       The following example deletes the host/denver@ACME.com  principal  from
       the  /etc/krb5/krb5.keytab  file.  Notice that if you want to delete an
       entry from an existing keytab, you must first write the  keylist  to  a
       temporary  keytab  and  then overwrite the existing keytab with the the
       temporary keytab. This is because the wkt command actually appends  the
       current keylist to an existing keytab, so you can't use it to overwrite
       a keytab.

       example# /usr/krb5/bin/ktutil
           ktutil: rkt /etc/krb5/krb5.keytab
           ktutil: list
       slot KVNO Principal
       ---- ---- ---------------------------------------
          1    8 host/vailATACME.COM
          2    5 host/denverATACME.COM
           ktutil:delent 2
           ktutil:l
       slot KVNO Principal
       ---- ---- --------------------------------------
          1    8 host/vailATACME.COM
           ktutil:wkt /tmp/krb5.keytab
           ktutil:q
       example# mv /tmp/krb5.keytab /etc/krb5/krb5.keytab

FILES
       /etc/krb5/krb5.keytab           keytab file for Kerberos clients



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()    allbox;    cw(2.750000i)|     cw(2.750000i)     lw(2.750000i)|
       lw(2.750000i).    ATTRIBUTE  TYPEATTRIBUTE  VALUE  AvailabilitySUNWkrbu
       Interface StabilityEvolving Command argumentsEvolving Command outputUn-
       stable


SEE ALSO
       SEAM(5)



SunOS 5.10                        11 Apr 2003                        ktutil(1)