KINIT(1)KINIT(1)NAMEkinit - Kerberos login utility
SYNOPSISkinit [ -irvl ]
DESCRIPTION
The kinit command is used to login to the Kerberos authentication and
authorization system. Note that only registered Kerberos users can use
the Kerberos system. For information about registering as a Kerberos
user, see the kerberos(1) manual page.
If you are logged in to a workstation that is running the toehold ser‐
vice, you do not have to use kinit. The toehold login procedure will
log you into Kerberos automatically. You will need to use kinit only
in those situations in which your original tickets have expired.
(Tickets expire in about a day.) Note as well that toehold will auto‐
matically destroy your tickets when you logout from the workstation.
When you use kinit without options, the utility prompts for your user‐
name and Kerberos password, and tries to authenticate your login with
the local Kerberos server.
If Kerberos authenticates the login attempt, kinit retrieves your ini‐
tial ticket and puts it in the ticket file specified by your KRBTKFILE
environment variable. If this variable is undefined, your ticket will
be stored in the /tmp directory, in the file tktuid , where uid speci‐
fies your user identification number.
If you have logged in to Kerberos without the benefit of the worksta‐
tion toehold system, make sure you use the kdestroy command to destroy
any active tickets before you end your login session. You may want to
put the kdestroy command in your .logout file so that your tickets will
be destroyed automatically when you logout.
The options to kinit are as follows:
-ikinit prompts you for a Kerberos instance.
-rkinit prompts you for a Kerberos realm. This option lets you
authenticate yourself with a remote Kerberos server.
-v Verbose mode. kinit prints the name of the ticket file used,
and a status message indicating the success or failure of your
login attempt.
-lkinit prompts you for a ticket lifetime in minutes. Due to pro‐
tocol restrictions in Kerberos Version 4, this value must be
between 5 and 1275 minutes.
SEE ALSOkerberos(1), kdestroy(1), klist(1), toehold(1)BUGS
The -r option has not been fully implemented.
AUTHORS
Steve Miller, MIT Project Athena/Digital Equipment Corporation
Clifford Neuman, MIT Project Athena
MIT Project Athena Kerberos Version 4.0 KINIT(1)