| Introduction to the Kerberos Products and |
| KRB5 Client Software |
| $ man 1 kdestroy |
| The kpasswd Utility |
Description | The kpasswd utility changes a user’s Kerberos password. |
| If the optional parameter principal is not used, kpasswd uses the |
| principal name from an existing cache if there is one. If not, the principal |
| is derived from the identity of the user by invoking kpasswd. |
| The kpasswd utility prompts for the current Kerberos password that is |
| used to obtain a changepw ticket from the KDC for the user’s Kerberos |
| REALM. If kpasswd successfully obtains the changepw ticket, the user is |
| prompted twice for a new password to make the password change. |
| Use kpasswd for your MIT KDC server only, not for Microsoft 2000 |
| KDC. Also, note that kpasswd only changes Kerberos passwords on the |
| KDC, not the UNIX password. Use the UNIX passwd command to |
| change your UNIX password on the /etc/passwd file. |
Synopsis | /usr/bin/kpasswd [principal] |
Reference | To view the kpasswd manpage, issue the following command: |
| $ man 1 kpasswd |
| The ktutil Utility |
Description | The ktutil utility maintains the keytab files. It is restricted only for |
| system administrator’s use. |
Synopsis | /usr/sbin/ktutil |
| ktutil: list (Alias: l) |
| ktutil: read_kt keytab (Alias: rkt) |
| ktutil: read_st srvtab (Alias: rst) |
| ktutil: write_kt keytab (Alias: wkt) |
| ktutil: write_st srvtab (Alias: wst) |
| ktutil: clear_list (Alias: clear) |
| ktutil: delete_entry slot (Alias: delete) |
| ktutil: list_requests (Alias: lr or ?) |
Chapter 2 | 61 |