← 返回命令列表

Linux command

kerberos 命令

网络

复制后可按需替换文件名、目录或参数。

常用示例

Get ticket

kinit [principal]

List tickets

klist

Destroy tickets

kdestroy

Change password

kpasswd

Forward ticket

kinit -f [principal]

Renew ticket

kinit -R

说明

Kerberos is a network authentication protocol. Clients receive a time-limited Ticket-Granting Ticket (TGT) from a Key Distribution Center (KDC) after presenting credentials, then exchange the TGT for service tickets to access individual network services. All authentication exchanges are encrypted, and the user's password never traverses the network after the initial kinit. The user-facing CLI is built around four small commands: kinit (request a TGT), klist (inspect the credential cache), kdestroy (clear cached tickets), and kpasswd (change the password held by the KDC). Service tickets are obtained transparently by Kerberos-aware applications (SSH, NFSv4, HTTP via SPNEGO, LDAP, SMB).

参数

kinit _PRINCIPAL_
Get Kerberos ticket.
klist
List cached tickets.
kdestroy
Destroy tickets.
kpasswd
Change Kerberos password.
-f
Get forwardable ticket.
-R
Renew existing ticket.
-l _LIFETIME_
Ticket lifetime.

FAQ

What is the kerberos command used for?

Kerberos is a network authentication protocol. Clients receive a time-limited Ticket-Granting Ticket (TGT) from a Key Distribution Center (KDC) after presenting credentials, then exchange the TGT for service tickets to access individual network services. All authentication exchanges are encrypted, and the user's password never traverses the network after the initial kinit. The user-facing CLI is built around four small commands: kinit (request a TGT), klist (inspect the credential cache), kdestroy (clear cached tickets), and kpasswd (change the password held by the KDC). Service tickets are obtained transparently by Kerberos-aware applications (SSH, NFSv4, HTTP via SPNEGO, LDAP, SMB).

How do I run a basic kerberos example?

Run `kinit [principal]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does kinit _PRINCIPAL_ do in kerberos?

Get Kerberos ticket.