Provided by: heimdal-clients_1.6~git20120311.dfsg.1-2_amd64 bug


     kimpersonate — impersonate a user when there exist a srvtab, keyfile or KeyFile


     kimpersonate [-s string | --server=string] [-c string | --client=string]
                  [-k string | --keytab=string] [-5 | --krb5]
                  [-e integer | --expire-time=integer] [-a string | --client-address=string]
                  [-t string | --enc-type=string] [-f string | --ticket-flags=string] [--verbose]
                  [--version] [--help]


     The kimpersonate program creates a "fake" ticket using the service-key of the service.  The
     service key can be read from a Kerberos 5 keytab, AFS KeyFile or (if compiled with support
     for Kerberos 4) a Kerberos 4 srvtab.  Supported options:

     -s string, --server=string
             name of server principal

     -c string, --client=string
             name of client principal

     -k string, --keytab=string
             name of keytab file

     -5, --krb5
             create a Kerberos 5 ticket

     -e integer, --expire-time=integer
             lifetime of ticket in seconds

     -a string, --client-address=string
             address of client

     -t string, --enc-type=string
             encryption type

     -f string, --ticket-flags=string
             ticket flags for krb5 ticket

             Verbose output

             Print version



     Uses /etc/krb5.keytab, /etc/srvtab and /usr/afs/etc/KeyFile when available and the -k option
     is used with an appropriate prefix.


     kimpersonate can be used in samba root preexec option or for debugging.  kimpersonate -s
     host/ -c lha@E.KTH.SE -5 will create a Kerberos 5 ticket for
     lha@E.KTH.SE for the host if there exists a keytab entry for it in


     kinit(1), klist(1)


     Love Hornquist Astrand <>