logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

kimpersonate — impersonate a user when there exist a keyfile or KeyFile

Contents

Authors

       Love Hornquist Astrand <lha@kth.se>

Debian                                         September 18, 2006                                KIMPERSONATE(8)

Description

       The  kimpersonate  program  creates a "fake" ticket using the service-key of the service and stores it in
       the given (or default) ccache.  This is useful for testing.  The service key can be read from a  Kerberos
       5 keytab or AFS KeyFile.  Supported options:

       --ccache=string
               ccache into which to store the ticket

       -sstring, --server=string
               name of server principal

       -cstring, --client=string
               name of client principal

       -kstring, --keytab=string
               name of keytab file

       -5, --krb5
               create a Kerberos 5 ticket

       -A, --add
               don't re-initialize the ccache, instead add the ticket to an existing ccache.

       -R, --referral
               simulate  a  referrals-based  KDC client by storing two entries, one with the empty realm for the
               service principal name.

       -einteger, --expire-time=integer
               lifetime of ticket in seconds

       -astring, --client-address=string
               address of client

       -tstring, --enc-type=string
               encryption type (defaults to "aes256-cts-hmac-sha1-96")

       --session-enc-type=string
               session encryption type (defaults to enc-type or "des-cbc-crc" for afs service tickets)

       -fstring, --ticket-flags=string
               ticket flags for krb5 ticket

       --verbose
               Verbose output

       --version
               Print version

       --help

Examples

kimpersonate   can   be   used   in  samba  root  preexec  option  or  for  debugging.   kimpersonate  -s
       host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 will create a Kerberos 5 ticket for lha@E.KTH.SE for the
       host hummel.e.kth.se if there exists a keytab entry for it in /etc/krb5.keytab.

       In combination with the ktutil command, this is useful for testing.  For example,

       ktutil -k tkt add -p host/foo.test@TEST -V2 -e aes256-cts-hmac-sha1-96 -r

       kimpersonate --cache=tcc -s host/foo.test@TEST -c jdoe@TEST -k tkt --referral

Files

       Uses /etc/krb5.keytab, and /usr/afs/etc/KeyFile when  available  and  the  -k  option  is  used  with  an
       appropriate prefix.

Name

       kimpersonate — impersonate a user when there exist a keyfile or KeyFile

See Also

kinit(1), klist(1)

Synopsis

kimpersonate  [-sstring  | --ccache=string] [-sstring | --server=string] [-cstring | --client=string]
                    [-kstring  |  --keytab=string]  [-5  |  --krb5]   [-A   |   --add]   [-R   |   --referral]
                    [-einteger    |    --expire-time=integer]    [-astring   |   --client-address=string]
                    [-tstring         |         --enc-type=string]          [--session-enc-type=string]
                    [-fstring | --ticket-flags=string] [--verbose] [--version] [--help]

See Also

String
String PNG Icons
🎫
Ticket Emojis
Man Pages
keytab Man Pages
MCP
Client Mcp
Type
Type PNG Icons
Man Pages
krb5_get_creds, krb5_get_creds_opt_add_options, krb5_get_creds_opt_alloc, krb5_get_creds_opt_free, Man Pages
Man Pages
ccache Man Pages
Man Pages
KeyFile Man Pages
Man Pages
names Man Pages
← View System admin Category← Back to Miscellaneous diversions🙏  Credits & Acknowledgments