tail head cat sleep
QR code linking to this page

Manual Pages  — GSSD


gssd – Generic Security Services Daemon



gssd [-d] [-h] [-o] [-v] [-s dir-list] [-c file-substring] [-r preferred-realm]


The gssd program provides support for the kernel GSS-API implementation.

The options are as follows:
  Run in debug mode. In this mode, gssd will not fork when it starts.
  Enable support for host-based initiator credentials. This permits a kerberized NFS mount to use a service principal in the default Kerberos 5 keytab file for access. Such access is enabled via the gssname option for the mount_nfs(8) command.
  Force use of DES and the associated old style GSS-API initialization token. This may be required to make kerberized NFS mounts work against some non-FreeBSD NFS servers.
  Run in verbose mode. In this mode, gssd will log activity messages to syslog using LOG_INFO | LOG_DAEMON or to stderr, if the -d option has also been specified. The minor status is logged as a decimal number, since it is actually a Kerberos return status, which is signed.
-s dir-list
  Look for an appropriate credential cache file in this list of directories. The list should be full pathnames from root, separated by ':' characters. Usually this list will simply be "/tmp". Without this option, gssd assumes that the credential cache file is called /tmp/krb5cc_<uid>, where <uid> is the effective uid for the RPC caller.
-c file-substring
  Set a file-substring for the credential cache file names. Only files with this substring embedded in their names will be selected as candidates when -s has been specified. If not specified, it defaults to "krb5cc_".
-r preferred-realm
  Use Kerberos credentials for this realm when searching for credentials in directories specified with -s. If not specified, the default Kerberos realm will be used.


  Contains Kerberos service principals which may be used as credentials by kernel GSS-API services.


The utility exits 0 on success, and >0 if an error occurs.


gssapi(3), syslog(3), mount_nfs(8)


The gssd manual page first appeared in FreeBSD 8.0 .


This manual page was written by Doug Rabson <Mt dfr@FreeBSD.org>.

GSSD (8) July 7, 2013

tail head cat sleep
QR code linking to this page

Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

Modern Unix impedes progress in computer science, wastes billions of dollars, and destroys the common sense of many who seriously use it.
— The Unix Haters' handbook