Provided by: heimdal-clients_1.6~git20120311.dfsg.1-2_amd64 bug


     klist — list Kerberos credentials


     klist [-c cache | --cache=cache] [-s | -t | --test] [-T | --tokens] [-5 | --v5]
           [-v | --verbose] [-l | --list-caches] [-f] [--version] [--help]


     klist reads and displays the current tickets in the credential cache (also known as the
     ticket file).

     Options supported:

     -c cache, --cache=cache
             credential cache to list

     -s, -t, --test
             Test for there being an active and valid TGT for the local realm of the user in the
             credential cache.

     -T, --tokens
             display AFS tokens

     -5, --v5
             display v5 cred cache (this is the default)

     -f      Include ticket flags in short form, each character stands for a specific flag, as
                   F    forwardable
                   f    forwarded
                   P    proxiable
                   p    proxied
                   D    postdate-able
                   d    postdated
                   R    renewable
                   I    initial
                   i    invalid
                   A    pre-authenticated
                   H    hardware authenticated

             This information is also output with the --verbose option, but in a more verbose

     -v, --verbose
             Verbose output. Include all possible information:

                         the principal the ticket is for

                   Ticket etype
                         the encryption type used in the ticket, followed by the key version of
                         the ticket, if it is available

                   Session key
                         the encryption type of the session key, if it's different from the
                         encryption type of the ticket

                   Auth time
                         the time the authentication exchange took place

                   Start time
                         the time that this ticket is valid from (only printed if it's different
                         from the auth time)

                   End time
                         when the ticket expires, if it has already expired this is also noted

                   Renew till
                         the maximum possible end time of any ticket derived from this one

                   Ticket flags
                         the flags set on the ticket

                         the set of addresses from which this ticket is valid

     -l, --list-caches
             List the credential caches for the current users, not all cache types supports
             listing multiple caches.


     kdestroy(1), kinit(1)