1.\" $NetBSD: kimpersonate.8,v 1.3 2011/04/28 14:07:12 wiz Exp $ 2.\" 3.\" Copyright (c) 2002 - 2007 Kungliga Tekniska Högskolan 4.\" (Royal Institute of Technology, Stockholm, Sweden). 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer. 13.\" 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 18.\" 3. Neither the name of the Institute nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" Id 35.\" 36.Dd September 18, 2006 37.Dt KIMPERSONATE 8 38.Os 39.Sh NAME 40.Nm kimpersonate 41.Nd 42impersonate a user when there exist a srvtab, keyfile or KeyFile 43.Sh SYNOPSIS 44.Nm 45.Op Fl s Ar string \*(Ba Fl -server= Ns Ar string 46.Op Fl c Ar string \*(Ba Fl -client= Ns Ar string 47.Op Fl k Ar string \*(Ba Fl -keytab= Ns Ar string 48.Op Fl 5 | Fl -krb5 49.Op Fl e Ar integer \*(Ba Fl -expire-time= Ns Ar integer 50.Op Fl a Ar string \*(Ba Fl -client-address= Ns Ar string 51.Op Fl t Ar string \*(Ba Fl -enc-type= Ns Ar string 52.Op Fl f Ar string \*(Ba Fl -ticket-flags= Ns Ar string 53.Op Fl -verbose 54.Op Fl -version 55.Op Fl -help 56.Sh DESCRIPTION 57The 58.Nm 59program creates a "fake" ticket using the service-key of the service. 60The service key can be read from a Kerberos 5 keytab, AFS KeyFile or 61(if compiled with support for Kerberos 4) a Kerberos 4 srvtab. 62Supported options: 63.Bl -tag -width Ds 64.It Fl s Ar string Ns , Fl -server= Ns Ar string 65name of server principal 66.It Fl c Ar string Ns , Fl -client= Ns Ar string 67name of client principal 68.It Fl k Ar string Ns , Fl -keytab= Ns Ar string 69name of keytab file 70.It Fl 5 Ns , Fl -krb5 71create a Kerberos 5 ticket 72.It Fl e Ar integer Ns , Fl -expire-time= Ns Ar integer 73lifetime of ticket in seconds 74.It Fl a Ar string Ns , Fl -client-address= Ns Ar string 75address of client 76.It Fl t Ar string Ns , Fl -enc-type= Ns Ar string 77encryption type 78.It Fl f Ar string Ns , Fl -ticket-flags= Ns Ar string 79ticket flags for krb5 ticket 80.It Fl -verbose 81Verbose output 82.It Fl -version 83Print version 84.It Fl -help 85.El 86.Sh FILES 87Uses 88.Pa /etc/krb5.keytab, 89.Pa /etc/srvtab 90and 91.Pa /usr/afs/etc/KeyFile 92when available and the 93.Fl k 94option is used with an appropriate prefix. 95.Sh EXAMPLES 96.Nm 97can be used in 98.Nm samba 99root preexec option 100or for debugging. 101.Nm 102-s host/hummel.e.kth.se@E.KTH.SE -c lha@E.KTH.SE -5 103will create a Kerberos 5 ticket for lha@E.KTH.SE for the host 104hummel.e.kth.se if there exists a keytab entry for it in 105.Pa /etc/krb5.keytab . 106.Sh SEE ALSO 107.Xr kinit 1 , 108.Xr klist 1 109.Sh AUTHORS 110Love Hornquist Astrand <lha@kth.se> 111