KTUTIL(8)                 BSD System Manager's Manual                KTUTIL(8)

NNAAMMEE
     kkttuuttiill -- manage Kerberos keytabs

SSYYNNOOPPSSIISS
     kkttuuttiill [--kk _k_e_y_t_a_b | ----kkeeyyttaabb==_k_e_y_t_a_b] [--vv | ----vveerrbboossee] [----vveerrssiioonn]
            [--hh | ----hheellpp] _c_o_m_m_a_n_d [_a_r_g_s]

DDEESSCCRRIIPPTTIIOONN
     kkttuuttiill is a program for managing keytabs.  Supported options:

     --vv, ----vveerrbboossee
             Verbose output.

     _c_o_m_m_a_n_d can be one of the following:

     add [--pp _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--VV _k_v_n_o] [----kkvvnnoo==_k_v_n_o] [--ee
                 _e_n_c_t_y_p_e] [----eennccttyyppee==_e_n_c_t_y_p_e] [--ww _p_a_s_s_w_o_r_d]
                 [----ppaasssswwoorrdd==_p_a_s_s_w_o_r_d] [--rr] [----rraannddoomm] [--ss] [----nnoo--ssaalltt] [--HH]
                 [----hheexx]
                 Adds a key to the keytab. Options that are not specified will
                 be prompted for. This requires that you know the password or
                 the hex key of the principal to add; if what you really want
                 is to add a new principal to the keytab, you should consider
                 the _g_e_t command, which talks to the kadmin server.

     change [--rr _r_e_a_l_m] [----rreeaallmm==_r_e_a_l_m] [----aa _h_o_s_t] [----aaddmmiinn--sseerrvveerr==_h_o_s_t] [----ss
                 _p_o_r_t] [----sseerrvveerr--ppoorrtt==_p_o_r_t]
                 Update one or several keys to new versions.  By default, use
                 the admin server for the realm of a keytab entry.  Otherwise
                 it will use the values specified by the options.

                 If no principals are given, all the ones in the keytab are
                 updated.

     copy _k_e_y_t_a_b_-_s_r_c _k_e_y_t_a_b_-_d_e_s_t
                 Copies all the entries from _k_e_y_t_a_b_-_s_r_c to _k_e_y_t_a_b_-_d_e_s_t.

     get [--pp _a_d_m_i_n _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_a_d_m_i_n _p_r_i_n_c_i_p_a_l] [--ee _e_n_c_t_y_p_e]
                 [----eennccttyyppeess==_e_n_c_t_y_p_e] [--rr _r_e_a_l_m] [----rreeaallmm==_r_e_a_l_m] [--aa _a_d_m_i_n
                 _s_e_r_v_e_r] [----aaddmmiinn--sseerrvveerr==_a_d_m_i_n _s_e_r_v_e_r] [--ss _s_e_r_v_e_r _p_o_r_t]
                 [----sseerrvveerr--ppoorrtt==_s_e_r_v_e_r _p_o_r_t] _p_r_i_n_c_i_p_a_l _._._.
                 For each _p_r_i_n_c_i_p_a_l, generate a new key for it (creating it if
                 it doesn't already exist), and put that key in the keytab.

                 If no _r_e_a_l_m is specified, the realm to operate on is taken
                 from the first principal.

     list [----kkeeyyss] [----ttiimmeessttaammpp]
                 List the keys stored in the keytab.

     remove [--pp _p_r_i_n_c_i_p_a_l] [----pprriinncciippaall==_p_r_i_n_c_i_p_a_l] [--VV --kkvvnnoo] [----kkvvnnoo==_k_v_n_o]
                 [--ee --eennccttyyppee] [----eennccttyyppee==_e_n_c_t_y_p_e]
                 Removes the specified key or keys. Not specifying a _k_v_n_o
                 removes keys with any version number. Not specifying an
                 _e_n_c_t_y_p_e removes keys of any type.

     rename _f_r_o_m_-_p_r_i_n_c_i_p_a_l _t_o_-_p_r_i_n_c_i_p_a_l
                 Renames all entries in the keytab that match the
                 _f_r_o_m_-_p_r_i_n_c_i_p_a_l to _t_o_-_p_r_i_n_c_i_p_a_l.

     purge [----aaggee==_a_g_e]
                 Removes all old versions of a key for which there is a newer
                 version that is at least _a_g_e (default one week) old.

SSEEEE AALLSSOO
     kadmin(8)

HEIMDAL                         April 14, 2005                         HEIMDAL