1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
.\" from: kinit.1,v 4.6 89/01/23 11:39:11 jtkohl Exp $
.\" $Id: kinit.1,v 1.2 1994/07/19 19:27:36 g89r4222 Exp $
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
.\" please see the file <Copyright.MIT>.
.\"
.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena"
.SH NAME
kinit \- Kerberos login utility
.SH SYNOPSIS
.B kinit
[
.B \-irvl
]
.SH DESCRIPTION
The
.I kinit
command is used to login to the
Kerberos
authentication and authorization system.
Note that only registered
Kerberos
users can use the
Kerberos
system.
For information about registering as a
Kerberos
user,
see the
.I kerberos(1)
manual page.
.PP
If you are logged in to a workstation that is running the
.I toehold
service,
you do not have to use
.I kinit.
The
.I toehold
login procedure will log you into
Kerberos
automatically.
You will need to use
.I kinit
only in those situations in which
your original tickets have expired.
(Tickets expire in about a day.)
Note as well that
.I toehold
will automatically destroy your tickets when you logout from the workstation.
.PP
When you use
.I kinit
without options,
the utility
prompts for your username and Kerberos password,
and tries to authenticate your login with the local
Kerberos
server.
.PP
If
Kerberos
authenticates the login attempt,
.I kinit
retrieves your initial ticket and puts it in the ticket file specified by
your KRBTKFILE environment variable.
If this variable is undefined,
your ticket will be stored in the
.IR /tmp
directory,
in the file
.I tktuid ,
where
.I uid
specifies your user identification number.
.PP
If you have logged in to
Kerberos
without the benefit of the workstation
.I toehold
system,
make sure you use the
.I kdestroy
command to destroy any active tickets before you end your login session.
You may want to put the
.I kdestroy
command in your
.I \.logout
file so that your tickets will be destroyed automatically when you logout.
.PP
The options to
.I kinit
are as follows:
.TP 7
.B \-i
.I kinit
prompts you for a
Kerberos
instance.
.TP
.B \-r
.I kinit
prompts you for a
Kerberos
realm.
This option lets you authenticate yourself with a remote
Kerberos
server.
.TP
.B \-v
Verbose mode.
.I kinit
prints the name of the ticket file used, and
a status message indicating the success or failure of
your login attempt.
.TP
.B \-l
.I kinit
prompts you for a ticket lifetime in minutes. Due to protocol
restrictions in Kerberos Version 4, this value must be between 5 and
1275 minutes.
.SH SEE ALSO
.PP
kerberos(1), kdestroy(1), klist(1), toehold(1)
.SH BUGS
The
.B \-r
option has not been fully implemented.
.SH AUTHORS
Steve Miller, MIT Project Athena/Digital Equipment Corporation
.br
Clifford Neuman, MIT Project Athena
|