Sun OpenSSO Enterprise 8.0 Deployment Planning Guide


Theklist command displays the contents of a Kerberos credentials cache or key table. You can use the klist command to verifty that the generated keytab file has the right principal for OpenSSO Enterprise. Usage:

klist [-5] [-4] [-e] [[-c] [-f] [-s] [-a [-n]]] [-k [-t] [-K]] [name] -5
Table 18–3 klist Command Options




Use Kerberos 5 


Use Keberos 4 


Specifies credentials cache 


Specifies keytab file 

Default is credentials cache. 


Shows the encryption type options for credential caches:  

  • -f shows credentials flags

  • -s sets exit status based on valid tgt existence

  • -a displays the address list

  • -n do not reverse-resolve options for keytabs:

options for keytabs 

  • -t shows keytab entry timestamps

  • -K shows keytab entry DES keys