KIMPERSONATE(8) | System Manager's Manual | KIMPERSONATE(8) |
kimpersonate
—
kimpersonate |
[-s string |
- -ccache= string]
[-s string |
- -server= string]
[-c string |
- -client= string]
[-k string |
- -keytab= string]
[-5 |
- -krb5 ]
[-A |
- -add ]
[-R |
- -referral ]
[-e integer |
- -expire-time= integer]
[-a string |
- -client-address= string]
[-t string |
- -enc-type= string]
[- -session-enc-type= string]
[-f string |
- -ticket-flags= string]
[- -verbose ]
[- -version ]
[- -help ] |
kimpersonate
program creates a "fake"
ticket using the service-key of the service and stores it in the given (or
default) ccache. This is useful for testing. The service key can be read from
a Kerberos 5 keytab or AFS KeyFile. Supported options:
-
-ccache=
string-s
string,
-
-server=
string-c
string,
-
-client=
string-k
string,
-
-keytab=
string-5
,
-
-krb5
-A
,
-
-add
-R
,
-
-referral
-e
integer,
-
-expire-time=
integer-a
string,
-
-client-address=
string-t
string,
-
-enc-type=
string-
-session-enc-type=
string-f
string,
-
-ticket-flags=
string-
-verbose
-
-version
-
-help
-k
option is used with an appropriate prefix.
kimpersonate
can be used in
samba
root preexec option or for debugging.
kimpersonate
-s host/hummel.e.kth.se@E.KTH.SE -c
lha@E.KTH.SE -5 will create a Kerberos 5 ticket for lha@E.KTH.SE for the host
hummel.e.kth.se if there exists a keytab entry for it in
/etc/krb5.keytab.
In combination with the ktutil
command,
this is useful for testing. For example,
ktutil
-k tkt add -p host/foo.test@TEST
-V2 -e aes256-cts-hmac-sha1-96 -r
kimpersonate
--cache=tcc -s
host/foo.test@TEST -c jdoe@TEST -k tkt --referral
September 18, 2006 | NetBSD 9.4 |