summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/kuser/kimpersonate.1
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/kuser/kimpersonate.1')
-rw-r--r--crypto/heimdal/kuser/kimpersonate.1152
1 files changed, 152 insertions, 0 deletions
diff --git a/crypto/heimdal/kuser/kimpersonate.1 b/crypto/heimdal/kuser/kimpersonate.1
new file mode 100644
index 0000000..b9cd8d6
--- /dev/null
+++ b/crypto/heimdal/kuser/kimpersonate.1
@@ -0,0 +1,152 @@
+.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan
+.\" (Royal Institute of Technology, Stockholm, Sweden).
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" 3. Neither the name of the Institute nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id: kimpersonate.1 20259 2007-02-17 23:49:54Z lha $
+.\"
+.Dd September 18, 2006
+.Dt KERBEROS 1
+.Os Heimdal
+.Sh NAME
+.Nm kimpersonate
+.Nd
+impersonate a user when there exist a srvtab, keyfile or KeyFile
+.Sh SYNOPSIS
+.Nm
+.Oo Fl s Ar string \*(Ba Xo
+.Fl -server= Ns Ar string Oc
+.Xc
+.Oo Fl c Ar string \*(Ba Xo
+.Fl -client= Ns Ar string Oc
+.Xc
+.Oo Fl k Ar string \*(Ba Xo
+.Fl -keytab= Ns Ar string Oc
+.Xc
+.Op Fl 5 | Fl -krb5
+.Oo Fl e Ar integer \*(Ba Xo
+.Fl -expire-time= Ns Ar integer Oc
+.Xc
+.Oo Fl a Ar string \*(Ba Xo
+.Fl -client-address= Ns Ar string Oc
+.Xc
+.Oo Fl t Ar string \*(Ba Xo
+.Fl -enc-type= Ns Ar string Oc
+.Xc
+.Oo Fl f Ar string \*(Ba Xo
+.Fl -ticket-flags= Ns Ar string Oc
+.Xc
+.Op Fl -verbose
+.Op Fl -version
+.Op Fl -help
+.Sh DESCRIPTION
+The
+.Nm
+program creates a "fake" ticket using the service-key of the service.
+The service key can be read from a Kerberos 5 keytab, AFS KeyFile or
+(if compiled with support for Kerberos 4) a Kerberos 4 srvtab.
+Supported options:
+.Bl -tag -width Ds
+.It Xo
+.Fl s Ar string Ns ,
+.Fl -server= Ns Ar string
+.Xc
+name of server principal
+.It Xo
+.Fl c Ar string Ns ,
+.Fl -client= Ns Ar string
+.Xc
+name of client principal
+.It Xo
+.Fl k Ar string Ns ,
+.Fl -keytab= Ns Ar string
+.Xc
+name of keytab file
+.It Xo
+.Fl 5 Ns ,
+.Fl -krb5
+.Xc
+create a Kerberos 5 ticket
+.It Xo
+.Fl e Ar integer Ns ,
+.Fl -expire-time= Ns Ar integer
+.Xc
+lifetime of ticket in seconds
+.It Xo
+.Fl a Ar string Ns ,
+.Fl -client-address= Ns Ar string
+.Xc
+address of client
+.It Xo
+.Fl t Ar string Ns ,
+.Fl -enc-type= Ns Ar string
+.Xc
+encryption type
+.It Xo
+.Fl f Ar string Ns ,
+.Fl -ticket-flags= Ns Ar string
+.Xc
+ticket flags for krb5 ticket
+.It Xo
+.Fl -verbose
+.Xc
+Verbose output
+.It Xo
+.Fl -version
+.Xc
+Print version
+.It Xo
+.Fl -help
+.Xc
+.El
+.Sh FILES
+Uses
+.Pa /etc/krb5.keytab,
+.Pa /etc/srvtab
+and
+.Pa /usr/afs/etc/KeyFile
+when avalible and the the
+.Fl k
+is used with appropriate prefix.
+.Sh EXAMPLES
+.Nm
+can be used in
+.Nm samba
+root preexec option
+or for debugging.
+.Nm
+-s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5
+will create a Kerberos 5 ticket for lha@E.KTH.SE for the host
+hummel.e.kth.se if there exists a keytab entry for it in
+.Pa /etc/krb5.keytab .
+.Sh SEE ALSO
+.Xr kinit 1 ,
+.Xr klist 1
+.Sh AUTHORS
+Love Hornquist Astrand <lha@kth.se>
OpenPOWER on IntegriCloud