1ktutil(1) User Commands ktutil(1)
2
3
4
6 ktutil - Kerberos keytab maintenance utility
7
9 /usr/bin/ktutil
10
11
13 The ktutil command is an interactive command-line interface utility for
14 managing the keylist in keytab files. You must read in a keytab's
15 keylist before you can manage it. Also, the user running the ktutil
16 command must have read/write permissions on the keytab. For example, if
17 a keytab is owned by root, which it typically is, ktutil must be run as
18 root to have the appropriate permissions.
19
21 clear_list Clears the current keylist.
22 clear
23
24 read_kt file Reads a keytab into the current keylist. You
25 rkt file must specify a keytab file to read.
26
27
28 write_kt file Writes the current keylist to a keytab file. You
29 wkt file must specify a keytab file to write. If the
30 keytab file already exists, the current keylist
31 is appended to the existing keytab file.
32
33
34 add_entry number Adds an entry to the current keylist. Specify
35 addent number the entry by the keylist slot number.
36
37
38 delete_entry number Deletes an entry from the current keylist. Spec‐
39 delent number ify the entry by the keylist slot number.
40
41
42 list Lists the current keylist.
43 l
44
45 list_request Lists available requests (commands).
46 lr
47
48 quit Exits utility.
49 exit
50 q
52 Example 1 Deleting a principal from a file
53
54
55 The following example deletes the host/denver@ACME.com principal from
56 the /etc/krb5/krb5.keytab file. Notice that if you want to delete an
57 entry from an existing keytab, you must first write the keylist to a
58 temporary keytab and then overwrite the existing keytab with the tempo‐
59 rary keytab. This is because the wkt command actually appends the cur‐
60 rent keylist to an existing keytab, so you can't use it to overwrite a
61 keytab.
62
63
64 example# /usr/krb5/bin/ktutil
65 ktutil: rkt /etc/krb5/krb5.keytab
66 ktutil: list
67 slot KVNO Principal
68 ---- ---- ---------------------------------------
69 1 8 host/vail@ACME.COM
70 2 5 host/denver@ACME.COM
71 ktutil:delent 2
72 ktutil:l
73 slot KVNO Principal
74 ---- ---- --------------------------------------
75 1 8 host/vail@ACME.COM
76 ktutil:wkt /tmp/krb5.keytab
77 ktutil:q
78 example# mv /tmp/krb5.keytab /etc/krb5/krb5.keytab
79
80
81
83 /etc/krb5/krb5.keytab keytab file for Kerberos clients
84
85
87 See attributes(5) for descriptions of the following attributes:
88
89
90
91
92 ┌─────────────────────────────┬─────────────────────────────┐
93 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
94 ├─────────────────────────────┼─────────────────────────────┤
95 │Availability │SUNWkrbu │
96 ├─────────────────────────────┼─────────────────────────────┤
97 │Interface Stability │See below. │
98 └─────────────────────────────┴─────────────────────────────┘
99
100
101 The command arguments are Evolving. The command output is Unstable.
102
104 kadmin(1M), k5srvutil(1M), attributes(5), kerberos(5)
105
106
107
108SunOS 5.11 16 Nov 2006 ktutil(1)