klist
reads and displays the current tickets in the credential cache (also
known as the ticket file).
Options supported:
|
| -c cache , -cache= cache
|
| |
credential cache to list
|
| -s -, -t -, -test
|
| |
Test for there being an active and valid TGT for the local realm of
the user in the credential cache.
|
| -T -, -tokens
|
| |
display AFS tokens
|
| -5 -, -v5
|
| |
display v5 cred cache (this is the default)
|
| -f
|
| |
Include ticket flags in short form, each character stands for a
specific flag, as follows:
|
| F
|
forwardable
|
| f
|
forwarded
|
| P
|
proxiable
|
| p
|
proxied
|
| D
|
postdate-able
|
| d
|
postdated
|
| R
|
renewable
|
| I
|
initial
|
| i
|
invalid
|
| A
|
pre-authenticated
|
| H
|
hardware authenticated
|
|
This information is also output with the
-verbose
option, but in a more verbose way.
| -v -, -verbose
|
| |
Verbose output. Include all possible information:
|
| Server
|
| |
the principal the ticket is for
|
| Ticket etype
|
| |
the encryption type used in the ticket, followed by the key version of
the ticket, if it is available
|
| Session key
|
| |
the encryption type of the session key, if it's different from the
encryption type of the ticket
|
| Auth time
|
| |
the time the authentication exchange took place
|
| Start time
|
| |
the time that this ticket is valid from (only printed if it's
different from the auth time)
|
| End time
|
| |
when the ticket expires, if it has already expired this is also noted
|
| Renew till
|
| |
the maximum possible end time of any ticket derived from this one
|
| Ticket flags
|
| |
the flags set on the ticket
|
| Addresses
|
| |
the set of addresses from which this ticket is valid
|
|
| -l -, -list-caches
|
| |
List the credential caches for the current users, not all cache types
supports listing multiple caches.
|
|
