NAME
kimpersonate
-
impersonate a user when there exist a srvtab, keyfile or KeyFile
SYNOPSIS
kimpersonate
--server=string[-s string Xo]
--client=string[-c string Xo]
--keytab=string[-k string Xo]
[-5 | --krb5]
--expire-time=integer[-e integer Xo]
--client-address=string[-a string Xo]
--enc-type=string[-t string Xo]
--ticket-flags=string[-f string Xo]
[--verbose]
[--version]
[--help]
DESCRIPTION
The
kimpersonate
program creates a "fake" ticket using the service-key of the service.
The service key can be read from a Kerberos 5 keytab, AFS KeyFile or
(if compiled with support for Kerberos 4) a Kerberos 4 srvtab.
Supported options:
- Xo
-
-s string,
--server=string
name of server principal
- Xo
-
-c string,
--client=string
name of client principal
- Xo
-
-k string,
--keytab=string
name of keytab file
- Xo
-
-5,
--krb5
create a Kerberos 5 ticket
- Xo
-
-e integer,
--expire-time=integer
lifetime of ticket in seconds
- Xo
-
-a string,
--client-address=string
address of client
- Xo
-
-t string,
--enc-type=string
encryption type
- Xo
-
-f string,
--ticket-flags=string
ticket flags for krb5 ticket
- Xo
-
--verbose
Verbose output
- Xo
-
--version
Print version
- Xo
-
--help
FILES
Uses
/etc/krb5.keytab,
/etc/srvtab
and
/usr/afs/etc/KeyFile
when avalible and the the
-k
is used with appropriate prefix.
EXAMPLES
kimpersonate
can be used in
samba
root preexec option
or for debugging.
kimpersonate
-s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5
will create a Kerberos 5 ticket for lha@E.KTH.SE for the host
hummel.e.kth.se if there exists a keytab entry for it in
/etc/krb5.keytab
.
SEE ALSO
kinit(1),
klist(1)
AUTHORS
Love Hornquist Astrand