How to View Tickets
Not all tickets are alike. One ticket might be, for example, forwardable; another might be postdated; while a third might be both. You can see which tickets you have, and what their attributes are, by using the klist command with the -f option:
% /usr/krb5/bin/klist -f |
The following symbols indicate the attributes associated with each ticket, as displayed by klist:
|
F |
Forwardable |
|
f |
Forwarded |
|
P |
Proxiable |
|
p |
Proxy |
|
D |
Postdateable |
|
d |
Postdated |
|
R |
Renewable |
|
I |
Initial |
|
i |
Invalid |
"Types of Tickets" describes the various attributes a ticket can have.
Example -- Viewing Tickets
This example shows that the user jennifer has an initial ticket, which is forwardable (F) and postdated (d), but not yet validated (i):
% /usr/krb5/bin/klist -f
Ticket cache: /tmp/krb5cc_74287
Default principal: jenniferm@ENG.ACME.COM
Valid starting Expires Service principal
09 Mar 99 15:09:51 09 Mar 99 21:09:51 nfs/ACME.SUN.COM@ACME.SUN.COM
renew until 10 Mar 99 15:12:51, Flags: Fdi
|
The example below shows that the user david has two tickets that were forwarded (f) to his host from another host. The tickets are also (re)forwardable (F):
% klist -f
Ticket cache: /tmp/krb5cc_74287
Default principal: david@ACME.SUN.COM
Valid starting Expires Service principal
07 Mar 99 06:09:51 09 Mar 99 23:33:51 host/ACME.COM@ACME.COM
renew until 10 Mar 99 17:09:51, Flags: fF
Valid starting Expires Service principal
08 Mar 99 08:09:51 09 Mar 99 12:54:51 nfs/ACME.COM@ACME.COM
renew until 10 Mar 99 15:22:51, Flags: fF
|
- © 2010, Oracle Corporation and/or its affiliates