1 .\" Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
2 .\" (Royal Institute of Technology, Stockholm, Sweden).
3 .\" All rights reserved.
5 .\" Redistribution and use in source and binary forms, with or without
6 .\" modification, are permitted provided that the following conditions
9 .\" 1. Redistributions of source code must retain the above copyright
10 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
16 .\" 3. Neither the name of the Institute nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
20 .\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
21 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
24 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .\" $Id: ktutil.8,v 1.19 2003/04/08 20:55:10 lha Exp $
39 .Nd manage Kerberos keytabs
42 .Oo Fl k Ar keytab \*(Ba Xo
43 .Fl -keytab= Ns Ar keytab
46 .Op Fl v | Fl -verbose
53 is a program for managing keytabs.
64 can be one of the following:
65 .Bl -tag -width srvconvert
68 .Op Fl -principal= Ns Ar principal
70 .Op Fl -kvno= Ns Ar kvno
72 .Op Fl -enctype= Ns Ar enctype
74 .Op Fl -password= Ns Ar password
80 Adds a key to the keytab. Options that are not specified will be
81 prompted for. This requires that you know the password of the
82 principal to add; if what you really want is to add a new principal to
83 the keytab, you should consider the
85 command, which talks to the kadmin server.
88 .Op Fl -realm= Ns Ar realm
90 .Op Fl -admin-server= Ns Ar host
92 .Op Fl -server-port= Ns Ar port
94 Update one or several keys to new versions. By default, use the admin
95 server for the realm of a keytab entry. Otherwise it will use the
96 values specified by the options.
98 If no principals are given, all the ones in the keytab are updated.
103 Copies all the entries from
108 .Op Fl p Ar admin principal
109 .Op Fl -principal= Ns Ar admin principal
111 .Op Fl -enctypes= Ns Ar enctype
113 .Op Fl -realm= Ns Ar realm
114 .Op Fl a Ar admin server
115 .Op Fl -admin-server= Ns Ar admin server
116 .Op Fl s Ar server port
117 .Op Fl -server-port= Ns Ar server port
122 generate a new key for it (creating it if it doesn't already exist),
123 and put that key in the keytab.
127 is specified, the realm to operate on is taken from the first
133 List the keys stored in the keytab.
135 .Op Fl p Ar principal
136 .Op Fl -principal= Ns Ar principal
138 .Op Fl -kvno= Ns Ar kvno
140 .Op Fl -enctype= Ns Ar enctype
142 Removes the specified key or keys. Not specifying a
144 removes keys with any version number. Not specifying an
146 removes keys of any type.
151 Renames all entries in the keytab that match the
156 .Op Fl -age= Ns Ar age
158 Removes all old entries (for which there is a newer version) that are
165 .Op Fl -srvtab= Ns Ar srvtab
167 Converts the version 4 srvtab in
169 to a version 5 keytab and stores it in
172 .Bd -ragged -offset indent
174 .Li krb4: Ns Ar srvtab
180 .Op Fl -srvtab= Ns Ar srvtab
182 Converts the version 5 keytab in
184 to a version 4 srvtab and stores it in
187 .Bd -ragged -offset indent
190 .Li krb4: Ns Ar srvtab