Displays the contents of a Kerberos credentials cache or key table.
The klist command displays the contents of a Kerberos credentials cache or key table.
Item | Description |
---|---|
-a | Displays all tickets in the credentials cache, including expired tickets. Expired tickets are not listed if this flag is not specified. This flag is valid only when listing a credentials cache. |
-c | Lists the tickets in a credentials cache. This is the default if neither the -c nor the -k flag is specified. This flag is mutually exclusive with the -k flag. |
-e | Displays the encryption type for the session key and the ticket. |
-f | Displays the ticket flags using the following abbreviations:
|
name | Specifies the name of the credentials cache or key table.
The default credentials cache or key table is used if you do not specify
a filename. If you do not specify a name indicating a cache name or keytab name, klist displays the credentials in the default credentials cache or keytab file as appropriate. If the KRB5CCNAME environment variable is set, its value is used to name the default credentials (ticket) cache. |
-k | Lists the entries in a key table. This flag is mutually exclusive with the -c flag. |
-K | Displays the encryption key value for each key table entry. This flag is valid only when listing a key table. |
-n | Displays the numerical internet address instead of the host name. The default without the -n is host name. This command is used in conjunction with the -a flag. |
-s | Suppresses command output but sets the exit status to 0 if a valid ticket-granting ticket is found in the credentials cache. This flag is valid only when listing a credentials cache. |
-t | Displays timestamps for key table entries. This flag is valid only when listing a key table. |
klist
klist -t -k etc/krb5/my_keytab
Item | Description |
---|---|
/usr/krb5/bin/klist | - |
/var/krb5/security/creds/krb5cc_[uid] | default credentials cache ([uid] is the UID of the user.) |
/etc/krb5/krb5.keytab | default location for the local host's keytab file. |