Go to main content

man pages section 1: User Commands

Exit Print View

Updated: Thursday, March 14, 2019
 
 

kvno (1)

Name

kvno - print key version numbers of Kerberos principals

Synopsis

kvno  [-c  ccache]  [-e  etype] [-q] [-h] [-P] [-S sname] [-U for_user]
service1 service2 ...

Description

KVNO(1)                          MIT Kerberos                          KVNO(1)



NAME
       kvno - print key version numbers of Kerberos principals

SYNOPSIS
       kvno  [-c  ccache]  [-e  etype] [-q] [-h] [-P] [-S sname] [-U for_user]
       service1 service2 ...

DESCRIPTION
       kvno acquires a service ticket for the  specified  Kerberos  principals
       and prints out the key version numbers of each.

OPTIONS
       -c ccache
              Specifies  the  name  of  a credentials cache to use (if not the
              default)

       -e etype
              Specifies the enctype which will be requested  for  the  session
              key of all the services named on the command line.  This is use-
              ful in certain backward compatibility situations.

       -q     Suppress printing output when successful.  If a  service  ticket
              cannot  be  obtained, an error message will still be printed and
              kvno will exit with nonzero status.

       -h     Prints a usage statement and exits.

       -P     Specifies that the service1 service2 ...  arguments  are  to  be
              treated  as  services  for  which credentials should be acquired
              using constrained delegation.  This option is  only  valid  when
              used in conjunction with protocol transition.

       -S sname
              Specifies  that  the  service1 service2 ... arguments are inter-
              preted as hostnames, and the service principals are to  be  con-
              structed  from  those hostnames and the service name sname.  The
              service hostnames will be canonicalized according to  the  usual
              rules for constructing service principals.

       -U for_user
              Specifies  that  protocol transition (S4U2Self) is to be used to
              acquire a ticket on behalf of for_user.  If constrained  delega-
              tion  is  not requested, the service name must match the creden-
              tials cache client principal.

ENVIRONMENT
       kvno uses the following environment variable:

       KRB5CCNAME
              Location of the credentials (ticket) cache.

FILES
       FILE:/tmp/volatile-user/%{uid}/krb5cc_%{uid}
              Default location of the credentials cache


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------------+
       |ATTRIBUTE TYPE |    ATTRIBUTE VALUE     |
       +---------------+------------------------+
       |Availability   | security/kerberos-5    |
       +---------------+------------------------+
       |Stability      | Pass-through committed |
       +---------------+------------------------+
SEE ALSO
       kinit(1), kdestroy(1)

AUTHOR
       MIT

COPYRIGHT
       1985-2017, MIT



NOTES
       This    software    was    built    from    source     available     at
       https://github.com/oracle/solaris-userland.    The  original  community
       source     was      downloaded      from       https://web.mit.edu/ker-
       beros/dist/krb5/1.16/krb5-1.16.tar.gz

       Further information about this software can be found on the open source
       community website at https://web.mit.edu/kerberos/.



1.16                                                                   KVNO(1)