Provided by: openafs-kpasswd_1.6.15-1ubuntu1.1_amd64 bug

NAME
       kas_interactive - Enters interactive mode


SYNOPSIS
       kas interactive
           [-admin_username <admin principal to use for authentication>]
           [-password_for_admin <admin password>] [-cell <cell name>]
           [-servers <explicit list of authentication servers>+]
           [-noauth] [-help]

       kas i [-a <admin principal to use for authentication>]
           [-p <admin password>] [-c <cell name>]
           [-s <explicit list of authentication servers>+] [-n] [-h]


DESCRIPTION
       The kas interactive command establishes an interactive session for the issuer of the command. By default,
       the command interpreter establishes an authenticated connection for the user logged into the local file
       system with all of the Authentication Servers listed in the local /etc/openafs/CellServDB file for the
       cell named in the local /etc/openafs/ThisCell file. To specify an alternate identity, cell name, or list
       of Authentication Servers, include the -admin_username, -cell, or -servers arguments respectively.
       Interactive mode lasts for six hours unless the maximum ticket lifetime for the issuer or the
       Authentication Server's Ticket Granting Service is shorter.

       There are two other ways to enter interactive mode, in addition to the kas interactive command:

       •   Type  the  kas command at the shell prompt without any operation code. If appropriate, include one or
           more of the -admin_username, -password_for_admin, -cell, and -servers arguments.

       •   Type the kas command followed by a user name and cell name, separated by an "@"  sign  (for  example:
           kas  admin@abc.com),  to  establish a connection under the specified identity with the Authentication
           Servers listed in the local /etc/openafs/CellServDB file for  the  indicated  cell.  If  appropriate,
           provide  the  -servers  argument  to specify an alternate list of Authentication Server machines that
           belong to the indicated cell.

       There are several consequences of entering interactive mode:

       •   The "ka>" prompt replaces the system (shell) prompt. When typing commands  at  this  prompt,  provide
           only the operation code (omit the command suite name, kas).

       •   The command interpreter does not prompt for the issuer's password.

           The  issuer's identity and password, the relevant cell, and the set of Authentication Server machines
           specified when entering interactive mode apply to all commands issued during the session. They cannot
           be changed without leaving the session, except by using the kas noauthentication command  to  replace
           the   current   authenticated   connections   with   unauthenticated   ones.   The   -admin_username,
           -password_for_admin, -cell, and -servers arguments are ignored if provided on a command issued during
           interactive mode.

       To establish an unauthenticated connection to the Authentication Server,  include  the  -noauth  flag  or
       provide  an  incorrect password.  Unless authorization checking is disabled on each Authentication Server
       machine involved, however, it is not possible to perform any privileged operations within such a session.

       To end the current  authenticated  connection  and  establish  an  unauthenticated  one,  issue  the  kas
       noauthentication command. To leave interactive mode and return to the regular shell prompt, issue the kas
       quit command.


OPTIONS
       -admin_username <admin principal>
           Specifies  the user identity under which to authenticate with the Authentication Server for execution
           of the command. For more details, see kas(8).

       -password_for_admin <admin password>
           Specifies the password of the command's issuer. If it is omitted (as recommended),  the  kas  command
           interpreter prompts for it and does not echo it visibly. For more details, see kas(8).

       -cell <cell name>
           Names the cell in which to run the command. For more details, see kas(8).

       -servers <authentication servers>+
           Names  each  machine  running an Authentication Server with which to establish a connection. For more
           details, see kas(8).

       -noauth
           Assigns the unprivileged identity "anonymous" to the issuer. For more details, see kas(8).

       -help
           Prints the online help for this command. All other valid options are ignored.


EXAMPLES
       The following example shows a user entering interactive mode as the privileged user "admin".

          % kas interactive admin
          Password for admin: I<admin_password>
          ka>


PRIVILEGE REQUIRED
       None


SEE ALSO
       kas(8), kas_noauthentication(8), kas_quit(8)


COPYRIGHT
       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by the IBM Public License Version 1.0.  It was converted from HTML  to  POD
       by  software  written  by  Chas  Williams  and Russ Allbery, based on work by Alf Wachsmann and Elizabeth
       Cassell.

OpenAFS                                            2021-04-01                                 KAS_INTERACTIVE(8)