Introduction
K-list method displays the entries in the local credentials cache and key table in the command line of the command line server.
Let’s Dive In;
The klist method displays the entries in the local credentials cache and key table. The items in the key table and local credentials cache are shown by the klist utility. The only method to confirm changes made after using the kinit or ktab tools to edit the credentials cache or keytab is to employ the klist method to see the contents of the storage device. The Kerberos database is not altered by the klist utility. The klist method then works with the following commands during display.
klist Commands
-c Specifies that the credential cache is to be listed
The following are the options for credential cache entries:
- -f Show credential flags.
- -e Show the encryption type.
- -a Show addresses.
- –n If the -a option is specified, don’t reverse resolve addresses.
-k Specifies the keytab to be listed
The following are the options for keytab entries:
-
–t Show
keytabentry timestamps. - -K Show keytab entry DES keys.
- -e Shows
keytabentry key type.
name Specifies the credential cache name or the keytab name. File-based cache or key tab’s prefix is FILE: If the name isn’t specified, the klist method uses default values for the cache name and keytab. The kinit documentation lists these default values.
-help Displays instructions.
Code Example
klist -k -t -K FILE:\temp\mykrb5cc
klist -c -f FILE:\temp\mykrb5cc
In the first piece of code; List entries in the keytable specified including keytab entry timestamps and DES keys while in the second piece of code; List entries in the credentials cache specified including credentials flag and address list.
The FILE:\temp\mykrb5cc includes the specific file to be executed.
Results
//Sample results from my command line C:\Users\admin>klist Current LogonId is 0:0xe87b2 Cached Tickets: (0)
