rcp \- remote file copy
.SH SYNOPSIS
.B rcp
-[\fB\-p\fP] [\fB\-x\fP | \fB\-\-encrypt\fP] [\fB\-k\fP \fIrealm\fP ]
-[\fB\-D\fP \fIport\fP] [\fB\-N\fP]
+[\fB\-p\fP] [\fB\-x\fP] [\fB\-k\fP \fIrealm\fP ] [\fB\-D\fP \fIport\fP]
+[\fB\-N\fP]
.I file1 file2
.sp
.B rcp
-[\fB\-p\fB] [\fB\-x\fP | \fB\-\-encrypt\fP] [\fP\-k\fP \fIrealm\fP]
-[\fB\-r\fP] [\fB\-D\fP \fIport\fP] [\fB\-N\fP]
+[\fB\-p\fB] [\fB\-x\fP] [\fP\-k\fP \fIrealm\fP] [\fB\-r\fP] [\fB\-D\fP
+\fIport\fP] [\fB\-N\fP]
.I file ... directory
.SH DESCRIPTION
.B Rcp
source files in the copies, ignoring the
.IR umask .
.TP
-\fB\-x\fP | \fB\-\-encrypt\fP
+\fB\-x\fP
encrypt all information transferring between hosts.
.TP
\fB\-k\fP \fIrealm\fP
to use
.I rname
rather than the current user name on the remote host.
-.SH CONFIGURATION
-The following defaults may be specified in the [appdefaults] or [realms]
-section of the
-.IR krb5.conf (5)
-file:
-.TP "\w'.B encrypt\ \ 'u"
-.B encrypt
-Whether or not to encrypt the data stream. Takes a boolean argument.
-.PP
-For example:
-.sp
-.nf
-.in +1i
-[appdefaults]
- rcp = {
- encrypt = true
- }
-[realms]
- FUBAR.ORG = {
- rcp = {
- encrypt = false
- }
- }
-.in -1i
-.fi
-.sp
.SH FILES
-.TP "\w'/etc/krb5.conf\ \ 'u"
-/etc/krb5.conf
-file containing local host's Kerberos V5 configuration information
-.sp -1v
-.TP
+.TP "\w'~/.k5login\ \ 'u"
~/.k5login
(on remote host) - file containing Kerberos principals that are allowed
access.
.SH SEE ALSO
-cp(1), ftp(1), rsh(1), rlogin(1), kerberos(3), krb_getrealm(3),
-krb5.conf(5), rcp(1) [UCB version]
+cp(1), ftp(1), rsh(1), rlogin(1), kerberos(3), krb_getrealm(3), rcp(1)
+[UCB version]
.SH BUGS
.B Rcp
doesn't detect all cases where the target of a copy might be a file in
.SH SYNOPSIS
.B rlogin
.I rhost
-[\fB\-e\fP\fI\|c\fP] [\fB\-8\fP] [\fB\-c\fP] [ \fB\-a\fP] [\fB\-f\fP |
-\fB\-\-forward\fP] [\fB\-\-noforward\fP] [\fB\-F\fP |
-\fB\-\-forwardable\fP] [\fB\-\-noforwardable\fP] [\fB\-t\fP
-\fItermtype\fP] [\fB\-n\fP] [\fB\-7\fP] [\fB\-d\fP] [\fB\-k\fP
-\fIrealm\fP] [\fB\-x\fP | \fB\-\-encrypt\fP] [\fB\-\-noencrypt\fP]
-[\fB\-\-noflow\fP] [\fB\-L\fP] [\fB\-l\fP \fIusername\fP]
+[\fB\-e\fP\fI\|c\fP] [\fB\-8\fP] [\fB\-c\fP] [ \fB\-a\fP] [\fB\-f\fP]
+[\fB\-F\fP] [\fB\-t\fP \fItermtype\fP] [\fB\-n\fP] [\fB\-7\fP]
+[\fB\-d\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-x\fP] [\fB\-L\fP] [\fB\-l\fP
+\fIusername\fP]
.PP
.SH DESCRIPTION
.I Rlogin
username. This option has no effect unless the standard UCB rlogin is
executed in place of the Kerberos rlogin (see above).
.TP
-\fB\-f\fP | \fB\-\-forward\fP
+\fB\-f\fP
forward a copy of the local credentials to the remote system.
.TP
-.B \-\-noforward
-disables ticket forwarding. This is useful for overriding the
-application defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
-\fB\-F\fP | \fB\-\-forwardable\fP
+\fB\-F\fP
forward a
.I forwardable
copy of the local credentials to the remote system.
.TP
-.B \-\-noforwardable
-makes any forwarded tickets non-forwardable. This is useful for
-overriding the application defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
\fB\-t\fP \fItermtype\fP
replace the terminal type passed to the remote host with
.IR termtype .
.IR setsockopt (2))
on the TCP sockets used for communication with the remote host.
.TP
-.B \-\-noflow
-force transmission of flow control characters (^S/^Q) to the remote
-system.
-.TP
.B \-k
request rlogin to obtain tickets for the remote host in realm
.I realm
instead of the remote host's realm as determined by
.IR krb_realmofhost (3).
.TP
-\fB\-x\fP | \fB\-\-encrypt\fP
+\fB\-x\fP
turn on DES encryption for all data passed via the rlogin session. This
significantly reduces response time and significantly increases CPU
utilization.
-.TP
-.B \-\-noencrypt
-disables encryption. This is useful for overriding the application
-defaults in the host's
-.IR krb5.conf (5)
-file.
-.SH CONFIGURATION
-The following defaults may be specified in the [appdefaults] or [realms]
-section of the
-.IR krb5.conf (5)
-file:
-.TP "\w'.B forwardable\ \ 'u"
-.B forwardable
-Whether or not any forwarded tickets should be forwardable. Takes a
-boolean argument.
-.TP
-.B forward
-Whether or not to forward tickets to the remote host. Takes a boolean
-argument.
-.TP
-.B encrypt
-Whether or not to encrypt the data stream. Takes a boolean argument.
-.PP
-For example:
-.sp
-.nf
-.in +1i
-[appdefaults]
- rlogin = {
- forwardable = true
- forward = true
- encrypt = true
- }
-[realms]
- FUBAR.ORG = {
- rlogin = {
- forward = false
- }
- }
-.in -1i
-.fi
-.sp
.SH SEE ALSO
-rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3),
-krb5.conf(5), rlogin(1) [UCB version]
+rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), rlogin(1) [UCB
+version]
.SH FILES
-.TP "\w'/etc/krb5.conf\ \ 'u"
-/etc/krb5.conf
-file containing local host's Kerberos V5 configuration information
-.sp -1v
-.TP
+.TP "\w'~/\&.k5login\ \ 'u"
~/\&.k5login
(on remote host) - file containing Kerberos principals that are allowed
access.
.B rsh
.I host
[\fB\-l\fP \fIusername\fP] [\fB\-n\fP] [\fB\-d\fP] [\fB\-k\fP
-\fIrealm\fP] [\fB\-f\fP | \fB\-\-forward\fP | \fB\-F\fP |
-\fB\-\-forwardable\fP] [\fB\-\-noforward\fP] [\fB\-\-noforwardable\fP]
-[\fB\-x\fP | \fB\-\-encrypt\fP] [\fB\-\-noencrypt\fP] [\fB\-\-noflow\fP]
+\fIrealm\fP] [\fB\-f\fP | \fB\-F\fP] [\fB\-x\fP]
.I command
.SH DESCRIPTION
.B Rsh
.IR username .
Otherwise, the remote username will be the same as the local username.
.TP
-\fB\-x\fP | \fB\-\-encrypt\fP
+\fB\-x\fP
causes the network session traffic to be encrypted.
.TP
-.B \-\-noencrypt
-disables encryption. This is useful for overriding the application
-defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
-\fB\-f\fP | \fB\-\-forward\fP
-The
-.B \-f
-and
-.B \-\-forward
-options cause Kerberos credentials to be forwarded to the remote machine
-for use by the specified
+\fB\-f\fP
+cause nonforwardable Kerberos credentials to be forwarded to the remote
+machine for use by the specified
.IR command .
They will be removed when
.I command
finishes. This option is mutually exclusive with the
.B \-F
-or
-.B \-\-forwardable
-options.
+option.
.TP
-\fB\-F\fP | \fB\-\-forwardable\fP
-The
-.B \-F
-and
-.B \-\-forwardable
-options cause
+\fB\-F\fP
+cause
.I forwardable
Kerberos credentials to be forwarded to the remote machine for use by
the specified
.I command
finishes. This option is mutually exclusive with the
.B \-f
-or
-.B \-\-forward
-options.
-.TP
-.B \-\-noforward
-disables ticket forwarding. This is useful for overriding the
-application defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
-.B \-\-noforwardable
-makes any forwarded tickets non-forwardable. This is useful for
-overriding the application defaults in the host's
-.IR krb5.conf (5)
-file.
+option.
.TP
-\fB\-k\fP\fIrealm\fP
+\fB\-k\fP \fIrealm\fP
causes
.I rsh
to obtain tickets for the remote host in
redirects input from the special device
.I /dev/null
(see the BUGS section below).
-.TP
-.B \-\-noflow
-If
-.B rsh
-causes you to be logged into the remote host using
-.IR rlogin (1),
-this option passes the \-\-noflow option to
-.IR rlogin .
.PP
If you omit
.IR command ,
.I remotefile
to
.IR otherremotefile .
-.SH CONFIGURATION
-The following defaults may be specified in the [appdefaults] or [realms]
-section of the
-.IR krb5.conf (5)
-file:
-.TP "\w'.B forwardable\ \ 'u"
-.B forwardable
-Whether or not any forwarded tickets should be forwardable. Takes a
-boolean argument.
-.TP
-.B forward
-Whether or not to forward tickets to the remote host. Takes a boolean
-argument.
-.TP
-.B encrypt
-Whether or not to encrypt the data stream. Takes a boolean argument.
-.PP
-For example:
-.sp
-.nf
-.in +1i
-[appdefaults]
- rsh = {
- forwardable = true
- forward = true
- encrypt = true
- }
-[realms]
- FUBAR.ORG = {
- rsh = {
- forward = false
- }
- }
-.in -1i
-.fi
-.sp
.SH FILES
-.TP "\w'/etc/krb5.conf\ \ 'u"
+.TP "\w'~/.k5login\ \ 'u"
/etc/hosts
.sp -1v
.TP
-/etc/krb5.conf
-file containing local host's Kerberos V5 configuration information
-.sp -1v
-.TP
~/\&.k5login
(on remote host) - file containing Kerberos principals that are allowed
access.
.SH SEE ALSO
-rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3),
-krb5.conf(5)
+rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3)
.SH BUGS
If you are using
.IR csh (1)
telnet \- user interface to the TELNET protocol
.SH SYNOPSIS
.B telnet
-[\fB\-8\fP] [\fB\-E\fP] [\fB\-F\fP] [\fB\-K\fP | \fB\-\-noautologin\fP]
-[\fB\-L\fP] [\fB\-S\fP \fItos\fP] [\fB\-X\fP \fIauthtype\fP] [\fB\-a\fP
-| \fB\-\-autologin\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB\-e\fP
-\fIescapechar\fP] [\fB\-f\fP] [\fB\-k\fP \fIrealm\fP] [\fB\-l\fP
-\fIuser\fP] [\fB\-n\fP \fItracefile\fP] [\fB\-r\fP] [\fB\-x\fP |
-\fB\-\-encrypt\fP] [\fB\-\-noencrypt\fP] [\fIhost\fP [\fIport\fP]]
+[\fB\-8\fP] [\fB\-E\fP] [\fB\-F\fP] [\fB\-K\fP] [\fB\-L\fP] [\fB\-S\fP
+\fItos\fP] [\fB\-X\fP \fIauthtype\fP] [\fB\-a\fP] [\fB\-c\fP]
+[\fB\-d\fP] [\fB\-e\fP \fIescapechar\fP] [\fB\-f\fP] [\fB\-k\fP
+\fIrealm\fP] [\fB\-l\fP \fIuser\fP] [\fB\-n\fP \fItracefile\fP]
+[\fB\-r\fP] [\fB\-x\fP] [\fIhost\fP [\fIport\fP]]
.SH DESCRIPTION
The
.B telnet
.B \-E
Stop any character from being recognized as an escape character.
.TP
-\fB\-F\fP | \fB\-\-forwardable\fP
+\fB\-F\fP
forward a
.I forwardable
copy of the local credentials to the remote system.
.TP
-.B \-\-noforwardable
-make any forwarded tickets non-forwardable. This is useful for
-overriding the application defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
-\fB\-K\fP | \fB\-\-noautologin\fP
+\fB\-K\fP
Specify no automatic login to the remote system.
.TP
.B \-L
.I atype
type of authentication.
.TP
-\fB\-a\fP | \fB\-\-autologin\fP
+\fB\-a\fP
Attempt automatic login. This sends the user name via the
.SM USER
variable of the
.I escape char
is omitted, then there will be no escape character.
.TP
-\fB\-f\fP | \fB\-\-forward\fP
+\fB\-f\fP
forward a copy of the local credentials to the remote system.
.TP
-.B \-\-noforward
-disable ticket forwarding. This is useful for overriding the
-application defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
\fB\-k\fP \fIrealm\fP
If Kerberos authentication is being used, request that telnet obtain
tickets for the remote host in realm
.B \-e
option.
.TP
-\fB\-x\fP | \fB\-\-encrypt\fP
+\fB\-x\fP
Turn on encryption of the data stream.
.TP
-.B \-\-noencrypt
-disable encryption. This is useful for overriding the application
-defaults in the host's
-.IR krb5.conf (5)
-file.
-.TP
.I host
Indicates the name, alias, or Internet address of the remote host.
.TP
the other side via the
.SM TELNET ENVIRON
option.
-.SH CONFIGURATION
-The following defaults may be specified in the [appdefaults] or [realms]
-section of the
-.IR krb5.conf (5)
-file:
-.TP "\w'.B forwardable\ \ 'u"
-.B forward
-Whether or not to forward tickets to the remote host. Takes a boolean
-argument.
-.TP
-.B forwardable
-Whether or not any forwarded tickets should be forwardable. Takes a
-boolean argument.
-.TP
-.B encrypt
-Whether or not to encrypt the data stream. Takes a boolean argument.
-.TP
-.B autologin
-Whether or not to attempt automatic login. Takes a boolean argument.
-.PP
-For example:
-.sp
-.nf
-.in +1i
-[appdefaults]
- telnet = {
- forwardable = true
- forward = true
- encrypt = true
- autologin = true
- }
-[realms]
- FUBAR.ORG = {
- telnet = {
- forward = false
- }
- }
-.in -1i
-.fi
-.sp
.SH FILES
-.TP "\w'/etc/krb5.conf\ \ 'u"
-/etc/krb5.conf
-file containing local host's Kerberos V5 configuration information
-.sp -1v
+.TP "\w'~/.telnetrc\ \ 'u"
.TP
~/.telnetrc
user-customized telnet startup values
.\" permission. M.I.T. makes no representations about the suitability of
.\" this software for any purpose. It is provided "as is" without express
.\" or implied warranty.
-.\"
-.\"
-.TH KINIT 1 "Kerberos Version 5.0" "MIT Project Athena"
+.\" "
+.so man1/header.doc
+.TH KINIT 1 \*h
.SH NAME
kinit \- obtain and cache Kerberos ticket-granting ticket
.SH SYNOPSIS
+.TP
.B kinit
-[
-.B \-l
-.I lifetime
-] [
-.B \-s
-.I starttime
-] [
-.B \-v
-] [
-.B \-p
-] [
-.B \-f
-] [
-.B \-r
-.I rlife
-] [
-.B \-R
-] [
-.B \-c
-.I cachename
-]
-.I principal
+.ad l
+[\fB\-l\fP \fIlifetime\fP] [\fB\-s\fP \fIstart_time\fP] [\fB\-v\fP]
+[\fB\-p\fP] [\fB\-f\fP] [\fB\-k\fP [\fB\-t\fP \fIkeytab_file\fP]]
+[\fB\-r\fP \fIrenewable_life\fP] [\fB\-R\fP] [\fB\-c\fP
+\fIcache_name\fP] [\fB\-S\fP \fIservice_name\fP] [\fIprincipal\fP]
+.ad b
.br
.SH DESCRIPTION
.I kinit
obtains and caches an initial ticket-granting ticket for
.IR principal .
-The
+.SH OPTIONS
+.TP
+\fB\-l\fP \fIlifetime\fP
+requests a ticket with the lifetime
+.IR lifetime .
+The value for
+.I lifetime
+must be followed immediately by one of the following delimiters:
+.sp
+.nf
+.in +.3i
+\fBs\fP seconds
+\fBm\fP minutes
+\fBh\fP hours
+\fBd\fP days
+.in -.3i
+.fi
+.sp
+as in "kinit -l 90m". You cannot mix units; a value of `3h30m' will
+result in an error.
+.sp
+If the
.B \-l
-option specifies the lifetime to be requested for the ticket;
-if this option is not specified, the default ticket lifetime (configured
-by each site) is used instead.
-.PP
-The
-.B \-s
-option specifies the start time, and causes you to get a postdated ticket.
-Postdated tickets are issued with the
+option is not specified, the default ticket lifetime (configured by each
+site) is used. Specifying a ticket lifetime longer than the maximum
+ticket lifetime (configured by each site) results in a ticket with the
+maximum lifetime.
+.TP
+\fB\-s\fP \fIstart_time\fP
+requests a postdated ticket, valid starting at
+.IR start_time .
+Postdated tickets are issued with the
.I invalid
-flag set, and needs to be fed back to the kdc before use. This may be
-accomplished by using the
+flag set, and need to be fed back to the kdc before use.
+.TP
.B \-v
-option.
-.PP
-The
-.B \-p
-option specifies that the PROXIABLE option should be requested for the
+requests that the ticket granting ticket in the cache (with the
+.I invalid
+flag set) be passed to the kdc for validation. If the ticket is within
+its requested time range, the cache is replaced with the validated
ticket.
-.PP
-The
+.TP
+.B \-p
+request proxiable tickets.
+.TP
.B \-f
-option specifies that the FORWARDABLE option should be requested for the
-ticket.
-.PP
-The
-.B \-r
-.I rlife
-option specifies that the RENEWABLE option should be requested for the
-ticket, and specifies the desired total lifetime of the ticket. To renew
-the ticket, the
+request forwardable tickets.
+.TP
+\fB\-r\fP \fIrenewable_life\fP
+requests renewable tickets, with a total lifetime of
+.IR renewable_life .
+The duration is in the same format as the
+.B \-l
+option, with the same delimiters.
+.TP
.B \-R
-option is used. Note that you must renew the ticket before it has
-expired.
-.PP
-The
-.B \-c
-option can be used to specify an alternate credentials cache; if this
-option is not used, the default cache is used. Any contents of the
-cache are destroyed by
-.IR kinit .
-.PP
-The
-.B \-s
-option can be used to specify an alternate service name to use when
-getting initial tickets.
-.PP
-The default credentials cache may vary between systems; however, if the
+requests renewal of the ticket-granting ticket. Note that an expired
+ticket cannot be renewed, even if the ticket is still within its
+renewable life.
+.TP
+\fB\-k\fP [\fB\-t\fP \fIkeytab_file\fP]
+requests a host ticket, obtained from a key in the local host's
+.I keytab
+file. The name and location of the keytab file may be specified with
+the
+.B \-t
+.I keytab_file
+option; otherwise the default name and location will be used.
+.TP
+\fB\-c\fP \fIcache_name\fP
+use
+.I cache_name
+as the credentials (ticket) cache name and location; if this option is
+not used, the default cache name and location are used.
+.sp
+The default credentials cache may vary between systems. If the
.B KRB5CCNAME
environment variable is set, its value is used to name the default
-ticket cache.
+ticket cache. Any existing contents of the cache are destroyed by
+.IR kinit .
+.TP
+\fB\-S\fP \fIservice_name\fP
+specify an alternate service name to use when
+getting initial tickets.
+.SH ENVIRONMENT
+.B Kinit
+uses the following environment variable:
+.TP "\w'.SM KRB5CCNAME\ \ 'u"
+.SM KRB5CCNAME
+Location of the credentials (ticket) cache.
.SH FILES
-.TP 2i
+.TP "\w'/tmp/krb5cc_[uid]\ \ 'u"
/tmp/krb5cc_[uid]
-as the normal default credentials cache ([uid] is the decimal UID of the user).
+default credentials cache ([uid] is the decimal UID of the user).
+.TP
+/etc/v5srvtab
+default location for the local host's
+.B keytab
+file.
.SH SEE ALSO
klist(1), kdestroy(1), krb5(3)
-.SH BUGS
projects / krb5.git / commitdiff