Not all tickets are alike. One ticket might be, for example, forwardable; another ticket might be postdated; while a third ticket might be both forwardable and postdated. You can see which tickets you have, and what their attributes are, by using the klist command with the -f option:
% /usr/bin/klist -f |
The following symbols indicate the attributes that are associated with each ticket, as displayed by klist:
F |
Forwardable |
f |
Forwarded |
P |
Proxiable |
p |
Proxy |
D |
Postdateable |
d |
Postdated |
R |
Renewable |
I |
Initial |
i |
Invalid |
Types of Tickets describes the various attributes that a ticket can have.
This example shows that the user jennifer has an initial ticket, which is forwardable (F) and postdated (d), but not yet validated (i):
% /usr/bin/klist -f Ticket cache: /tmp/krb5cc_74287 Default principal: jenniferm@ENG.EXAMPLE.COM Valid starting Expires Service principal 09 Mar 99 15:09:51 09 Mar 99 21:09:51 nfs/EXAMPLE.SUN.COM@EXAMPLE.SUN.COM renew until 10 Mar 99 15:12:51, Flags: Fdi |
The following example shows that the user david has two tickets that were forwarded (f) to his host from another host. The tickets are also forwardable (F):
% klist -f Ticket cache: /tmp/krb5cc_74287 Default principal: david@EXAMPLE.SUN.COM Valid starting Expires Service principal 07 Mar 99 06:09:51 09 Mar 99 23:33:51 host/EXAMPLE.COM@EXAMPLE.COM renew until 10 Mar 99 17:09:51, Flags: fF Valid starting Expires Service principal 08 Mar 99 08:09:51 09 Mar 99 12:54:51 nfs/EXAMPLE.COM@EXAMPLE.COM renew until 10 Mar 99 15:22:51, Flags: fF |