Synopsis

klist [ [-c] [-f] [-e] [-a [-n]] ] [-k [-t] [-K] ] [name] [-help]]

Description

The klist tool displays the entries in the local credentials cache and key table. After you modify the credentials cache with the kinit tool or modify the keytab with the ktab tool, the only way to verify the changes is to view the contents of the credentials cache or keytab using the klist tool. The klist tool does not change the Kerberos database.

Commands

-c

List the credential cache entries. The following are the options for credential cache entries:

-f

Show credential flags.

-e

Show the encryption type.

-a

Show addresses.

-n

If the -a option is specified, do not reverse resolve addresses.

-k

List the keytab entries. The following are the options for keytab entries:

-t

Show keytab entry timestamps.

-K

Show keytab entry DES keys.

name

Specifies the credential cache name or the keytab name. If the name is not specified, the klist tool uses default values for the cache name and keytab. The kinit documentation lists these default values.

-help

Displays instructions.

Examples

List entries in the keytable specified including keytab entry timestamps and DES keys:

klist -k -t -K FILE:\temp\mykrb5cc

List entries in the credentials cache specified including credentials flag and address list:

klist -c -f FILE:\temp\mykrb5cc

See Also

• kinit(1)

• ktab(1)