| KGETCRED(1) | General Commands Manual | KGETCRED(1) | 
kgetcred —
| kgetcred | [ --canonicalize]
      [--canonical]
      [-c-cache|--cache=cache]
      [-eenctype |--enctype=enctype]
      [--debug]
      [-H|--hostbased]
      [--name-type=name-type]
      [--no-transit-check]
      [--no-store]
      [--cached-only]
      [--version]
      [--help]
      principal | 
| kgetcred | [options] --hostbasedprincipal | 
| kgetcred | [options] --hostbasedservice hostname
      [extra-components] | 
kgetcred obtains a ticket for the given service
  principal. Usually tickets for services are obtained automatically when needed
  but sometimes for some odd reason you want to obtain a particular ticket or of
  a special type.
If --hostbased is
    given then the given service principal name will be canonicalized (see
    below).
The third form constructs a host-based principal from the given service name and hostname. The service name "host" is used if the given service name in the third usage is the empty string.
For host-based names, the local host's hostname is used if the given hostname is the empty string or if the principal has a single component.
Any additional components will be included, even for host-based service principal names, but there are no defaults nor local canonicalization rules for additional components.
Local name canonicalization rules are applied unless the
    --canonical option is given.
    Currently local name canonicalization rules are supported only for
    host-based principal names' hostname component.
The principal's realm name may be canonicalized by following
    Kerberos referrals from the client principal's home realm if the
    --canonicalize option is
    given or if the local name canonicalization rules are configured to use
    referrals.
Supported options:
--canonicalize--canonical--name-type=name-type--hostbased--name-type=srv_hst.-c
    cache,
    --cache=cache--delegation-credential-cache=cache-e
    enctype,
    --enctype=enctype--no-transit-check--no-store--cached-only--forwardable--debug--version--helpIf the --canonical
    option is used, then no further canonicalization should be done locally by
    the client (for example, DNS), but if
    --canonicalize is used, then
    the client will ask that the KDC canonicalize the name.
If the
    --canonicalize option is
    used with --hostbased a
    host-based name-type, and
    --canonical is not used,
    then the hostname will be canonicalized according to the name
    canonicalization rules in krb5.conf.
GSS-API initiator applications with host-based services will get
    the same behavior as using the
    --canonicalize
    --hostbased options
  here.
| March 12, 2004 | NetBSD 9.4 |