klist
reads and displays the current tickets in the credential cache (also
known as the ticket file).
Options supported:
-c cache , -cache= cache
|
|
credential cache to list
|
-s -, -t -, -test
|
|
Test for there being an active and valid TGT for the local realm of
the user in the credential cache.
|
-T -, -tokens
|
|
display AFS tokens
|
-5 -, -v5
|
|
display v5 cred cache (this is the default)
|
-f
|
|
Include ticket flags in short form, each character stands for a
specific flag, as follows:
|
F
|
forwardable
|
f
|
forwarded
|
P
|
proxiable
|
p
|
proxied
|
D
|
postdate-able
|
d
|
postdated
|
R
|
renewable
|
I
|
initial
|
i
|
invalid
|
A
|
pre-authenticated
|
H
|
hardware authenticated
|
This information is also output with the
-verbose
option, but in a more verbose way.
-v -, -verbose
|
|
Verbose output. Include all possible information:
|
Server
|
|
the principal the ticket is for
|
Ticket etype
|
|
the encryption type used in the ticket, followed by the key version of
the ticket, if it is available
|
Session key
|
|
the encryption type of the session key, if it's different from the
encryption type of the ticket
|
Auth time
|
|
the time the authentication exchange took place
|
Start time
|
|
the time that this ticket is valid from (only printed if it's
different from the auth time)
|
End time
|
|
when the ticket expires, if it has already expired this is also noted
|
Renew till
|
|
the maximum possible end time of any ticket derived from this one
|
Ticket flags
|
|
the flags set on the ticket
|
Addresses
|
|
the set of addresses from which this ticket is valid
|
-l -, -list-caches
|
|
List the credential caches for the current users, not all cache types
supports listing multiple caches.
|