diff options
Diffstat (limited to 'kuser/kimpersonate.1')
-rw-r--r-- | kuser/kimpersonate.1 | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/kuser/kimpersonate.1 b/kuser/kimpersonate.1 new file mode 100644 index 0000000..b9cd8d6 --- /dev/null +++ b/kuser/kimpersonate.1 @@ -0,0 +1,152 @@ +.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan +.\" (Royal Institute of Technology, Stockholm, Sweden). +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Institute nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $Id: kimpersonate.1 20259 2007-02-17 23:49:54Z lha $ +.\" +.Dd September 18, 2006 +.Dt KERBEROS 1 +.Os Heimdal +.Sh NAME +.Nm kimpersonate +.Nd +impersonate a user when there exist a srvtab, keyfile or KeyFile +.Sh SYNOPSIS +.Nm +.Oo Fl s Ar string \*(Ba Xo +.Fl -server= Ns Ar string Oc +.Xc +.Oo Fl c Ar string \*(Ba Xo +.Fl -client= Ns Ar string Oc +.Xc +.Oo Fl k Ar string \*(Ba Xo +.Fl -keytab= Ns Ar string Oc +.Xc +.Op Fl 5 | Fl -krb5 +.Oo Fl e Ar integer \*(Ba Xo +.Fl -expire-time= Ns Ar integer Oc +.Xc +.Oo Fl a Ar string \*(Ba Xo +.Fl -client-address= Ns Ar string Oc +.Xc +.Oo Fl t Ar string \*(Ba Xo +.Fl -enc-type= Ns Ar string Oc +.Xc +.Oo Fl f Ar string \*(Ba Xo +.Fl -ticket-flags= Ns Ar string Oc +.Xc +.Op Fl -verbose +.Op Fl -version +.Op Fl -help +.Sh DESCRIPTION +The +.Nm +program creates a "fake" ticket using the service-key of the service. +The service key can be read from a Kerberos 5 keytab, AFS KeyFile or +(if compiled with support for Kerberos 4) a Kerberos 4 srvtab. +Supported options: +.Bl -tag -width Ds +.It Xo +.Fl s Ar string Ns , +.Fl -server= Ns Ar string +.Xc +name of server principal +.It Xo +.Fl c Ar string Ns , +.Fl -client= Ns Ar string +.Xc +name of client principal +.It Xo +.Fl k Ar string Ns , +.Fl -keytab= Ns Ar string +.Xc +name of keytab file +.It Xo +.Fl 5 Ns , +.Fl -krb5 +.Xc +create a Kerberos 5 ticket +.It Xo +.Fl e Ar integer Ns , +.Fl -expire-time= Ns Ar integer +.Xc +lifetime of ticket in seconds +.It Xo +.Fl a Ar string Ns , +.Fl -client-address= Ns Ar string +.Xc +address of client +.It Xo +.Fl t Ar string Ns , +.Fl -enc-type= Ns Ar string +.Xc +encryption type +.It Xo +.Fl f Ar string Ns , +.Fl -ticket-flags= Ns Ar string +.Xc +ticket flags for krb5 ticket +.It Xo +.Fl -verbose +.Xc +Verbose output +.It Xo +.Fl -version +.Xc +Print version +.It Xo +.Fl -help +.Xc +.El +.Sh FILES +Uses +.Pa /etc/krb5.keytab, +.Pa /etc/srvtab +and +.Pa /usr/afs/etc/KeyFile +when avalible and the the +.Fl k +is used with appropriate prefix. +.Sh EXAMPLES +.Nm +can be used in +.Nm samba +root preexec option +or for debugging. +.Nm +-s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 +will create a Kerberos 5 ticket for lha@E.KTH.SE for the host +hummel.e.kth.se if there exists a keytab entry for it in +.Pa /etc/krb5.keytab . +.Sh SEE ALSO +.Xr kinit 1 , +.Xr klist 1 +.Sh AUTHORS +Love Hornquist Astrand <lha@kth.se> |