Provided by: openafs-kpasswd_1.4.1-2_i386 bug

NAME

       kas interactive - Enters interactive mode

SYNOPSIS

       kas interactive
           << [-admin_username <admin principal to use for authentication] >>>
           << [-password_for_admin <admin password] >>> << [-cell <cell name]
       >>>
           << [-servers <explicit list of authentication servers+] >>>
           [-noauth] [-help]

       kas i << [-a <admin principal to use for authentication] >>>
           << [-p <admin password] >>> << [-c <cell name] >>>
           << [-s <explicit list of authentication servers+] >>> [-n] [-h]

DESCRIPTION

       The kas interactive command establishes an interactive session for the
       issuer of the command. By default, the command interpreter establishes
       an authenticated connection for the user logged into the local file
       system with all of the Authentication Servers listed in the local
       /etc/openafs/CellServDB file for the cell named in the local
       /etc/openafs/ThisCell file. To specify an alternate identity, cell
       name, or list of Authentication Servers, include the -admin_username,
       -cell, or -servers arguments respectively. Interactive mode lasts for
       six hours unless the maximum ticket lifetime for the issuer or the
       Authentication Server’s Ticket Granting Service is shorter.

       There are two other ways to enter interactive mode, in addition to the
       kas interactive command:

       ·   Type the kas command at the shell prompt without any operation
           code. If appropriate, include one or more of the -admin_username,
           -password_for_admin, -cell, and -servers arguments.

       ·   Type the kas command followed by a user name and cell name,
           separated by an @ sign (for example: kas admin@abc.com), to
           establish a connection under the specified identity with the
           Authentication Servers listed in the local /etc/openafs/CellServDB
           file for the indicated cell. If appropriate, provide the -servers
           argument to specify an alternate list of Authentication Server
           machines that belong to the indicated cell.

       There are several consequences of entering interactive mode:

       ·   The < ka >> prompt replaces the system (shell) prompt. When typing
           commands at this prompt, provide only the operation code (omit the
           command suite name, kas).

       ·   The command interpreter does not prompt for the issuer’s password.

           The issuer’s identity and password, the relevant cell, and the set
           of Authentication Server machines specified when entering
           interactive mode apply to all commands issued during the session.
           They cannot be changed without leaving the session, except by using
           the kas noauthentication command to replace the current
           authenticated connections with unauthenticated ones. The
           -admin_username, -password_for_admin, -cell, and -servers arguments
           are ignored if provided on a command issued during interactive
           mode.

       To establish an unauthenticated connection to the Authentication
       Server, include the -noauth flag or provide an incorrect password.
       Unless authorization checking is disabled on each Authentication Server
       machine involved, however, it is not possible to perform any privileged
       operations within such a session.

       To end the current authenticated connection and establish an
       unauthenticated one, issue the kas noauthentication command. To leave
       interactive mode and return to the regular shell prompt, issue the kas
       quit command.

OPTIONS

       -admin_username <admin principal>
           Specifies the user identity under which to authenticate with the
           Authentication Server for execution of the command. For more
           details, see the kas(8) manpage.

       -password_for_admin <admin password>
           Specifies the password of the command’s issuer. If it is omitted
           (as recommended), the kas command interpreter prompts for it and
           does not echo it visibly. For more details, see the kas(8) manpage.

       -cell <cell name>
           Names the cell in which to run the command. For more details, see
           the kas(8) manpage.

       -servers <authentication servers>+
           Names each machine running an Authentication Server with which to
           establish a connection. For more details, see the kas(8) manpage.

       -noauth
           Assigns the unprivileged identity anonymous to the issuer. For more
           details, see the kas(8) manpage.

       -help
           Prints the online help for this command. All other valid options
           are ignored.

EXAMPLES

       The following example shows a user entering interactive mode as the
       privileged user admin.

          % kas interactive admin
          Password for admin: I<admin_password>
          ka>

PRIVILEGE REQUIRED

       None

SEE ALSO

       the kas(8) manpage, the kas_noauthentication(8) manpage, the
       kas_quit(8) manpage

COPYRIGHT

       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.
       It was converted from HTML to POD by software written by Chas Williams
       and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.