Mercurial > repos > rliterman > csp2

diff CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/share/man/man1/kvno.1 @ 68:5028fdace37b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 16:23:26 -0400
parents
children
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/share/man/man1/kvno.1	Tue Mar 18 16:23:26 2025 -0400
@@ -0,0 +1,141 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "KVNO" "1" " " "1.20.1" "MIT Kerberos"
+.SH NAME
+kvno \- print key version numbers of Kerberos principals
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBkvno\fP
+[\fB\-c\fP \fIccache\fP]
+[\fB\-e\fP \fIetype\fP]
+[\fB\-k\fP \fIkeytab\fP]
+[\fB\-q\fP]
+[\fB\-u\fP | \fB\-S\fP \fIsname\fP]
+[\fB\-P\fP]
+[\fB\-\-cached\-only\fP]
+[\fB\-\-no\-store\fP]
+[\fB\-\-out\-cache\fP \fIcache\fP]
+[[{\fB\-F\fP \fIcert_file\fP | {\fB\-I\fP | \fB\-U\fP} \fIfor_user\fP} [\fB\-P\fP]] | \fB\-\-u2u\fP \fIccache\fP]
+\fIservice1 service2\fP ...
+.SH DESCRIPTION
+.sp
+kvno acquires a service ticket for the specified Kerberos principals
+and prints out the key version numbers of each.
+.SH OPTIONS
+.INDENT 0.0
+.TP
+\fB\-c\fP \fIccache\fP
+Specifies the name of a credentials cache to use (if not the
+default)
+.TP
+\fB\-e\fP \fIetype\fP
+Specifies the enctype which will be requested for the session key
+of all the services named on the command line.  This is useful in
+certain backward compatibility situations.
+.TP
+\fB\-k\fP \fIkeytab\fP
+Decrypt the acquired tickets using \fIkeytab\fP to confirm their
+validity.
+.TP
+\fB\-q\fP
+Suppress printing output when successful.  If a service ticket
+cannot be obtained, an error message will still be printed and
+kvno will exit with nonzero status.
+.TP
+\fB\-u\fP
+Use the unknown name type in requested service principal names.
+This option Cannot be used with \fI\-S\fP\&.
+.TP
+\fB\-P\fP
+Specifies that the \fIservice1 service2\fP ...  arguments are to be
+treated as services for which credentials should be acquired using
+constrained delegation.  This option is only valid when used in
+conjunction with protocol transition.
+.TP
+\fB\-S\fP \fIsname\fP
+Specifies that the \fIservice1 service2\fP ... arguments are
+interpreted as hostnames, and the service principals are to be
+constructed from those hostnames and the service name \fIsname\fP\&.
+The service hostnames will be canonicalized according to the usual
+rules for constructing service principals.
+.TP
+\fB\-I\fP \fIfor_user\fP
+Specifies that protocol transition (S4U2Self) is to be used to
+acquire a ticket on behalf of \fIfor_user\fP\&.  If constrained
+delegation is not requested, the service name must match the
+credentials cache client principal.
+.TP
+\fB\-U\fP \fIfor_user\fP
+Same as \-I, but treats \fIfor_user\fP as an enterprise name.
+.TP
+\fB\-F\fP \fIcert_file\fP
+Specifies that protocol transition is to be used, identifying the
+client principal with the X.509 certificate in \fIcert_file\fP\&.  The
+certificate file must be in PEM format.
+.TP
+\fB\-\-cached\-only\fP
+Only retrieve credentials already present in the cache, not from
+the KDC.  (Added in release 1.19.)
+.TP
+\fB\-\-no\-store\fP
+Do not store retrieved credentials in the cache.  If
+\fB\-\-out\-cache\fP is also specified, credentials will still be
+stored into the output credential cache.  (Added in release 1.19.)
+.TP
+\fB\-\-out\-cache\fP \fIccache\fP
+Initialize \fIccache\fP and store all retrieved credentials into it.
+Do not store acquired credentials in the input cache.  (Added in
+release 1.19.)
+.TP
+\fB\-\-u2u\fP \fIccache\fP
+Requests a user\-to\-user ticket.  \fIccache\fP must contain a local
+krbtgt ticket for the server principal.  The reported version
+number will typically be 0, as the resulting ticket is not
+encrypted in the server\(aqs long\-term key.
+.UNINDENT
+.SH ENVIRONMENT
+.sp
+See kerberos(7) for a description of Kerberos environment
+variables.
+.SH FILES
+.INDENT 0.0
+.TP
+.B \fBFILE:/tmp/krb5cc_%{uid}\fP
+Default location of the credentials cache
+.UNINDENT
+.SH SEE ALSO
+.sp
+kinit(1), kdestroy(1), kerberos(7)
+.SH AUTHOR
+MIT
+.SH COPYRIGHT
+1985-2022, MIT
+.\" Generated by docutils manpage writer.
+.