NAME

kimpersonate - impersonate a user when there exist a srvtab, keyfile or KeyFile

SYNOPSIS

kimpersonate --server=string[-s string Xo] --client=string[-c string Xo] --keytab=string[-k string Xo] [-5 | --krb5] --expire-time=integer[-e integer Xo] --client-address=string[-a string Xo] --enc-type=string[-t string Xo] --ticket-flags=string[-f string Xo] [--verbose] [--version] [--help]

DESCRIPTION

The kimpersonate program creates a "fake" ticket using the service-key of the service. The service key can be read from a Kerberos 5 keytab, AFS KeyFile or (if compiled with support for Kerberos 4) a Kerberos 4 srvtab. Supported options:

Xo
-s string, --server=string name of server principal

Xo
-c string, --client=string name of client principal

Xo
-k string, --keytab=string name of keytab file

Xo
-5, --krb5 create a Kerberos 5 ticket

Xo
-e integer, --expire-time=integer lifetime of ticket in seconds

Xo
-a string, --client-address=string address of client

Xo
-t string, --enc-type=string encryption type

Xo
-f string, --ticket-flags=string ticket flags for krb5 ticket

Xo
--verbose Verbose output

Xo
--version Print version

Xo
--help

FILES

Uses /etc/krb5.keytab, /etc/srvtab and /usr/afs/etc/KeyFile when avalible and the the -k is used with appropriate prefix.

EXAMPLES

kimpersonate can be used in samba root preexec option or for debugging. kimpersonate -s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 will create a Kerberos 5 ticket for lha@E.KTH.SE for the host hummel.e.kth.se if there exists a keytab entry for it in /etc/krb5.keytab.

SEE ALSO

kinit(1), klist(1)

AUTHORS

Love Hornquist Astrand