Introduction
K-list method displays the entries in the local credentials cache and key table in the command line of the command line server.
Let’s Dive In;
The klist
method displays the entries in the local credentials cache and key table. The items in the key table and local credentials cache are shown by the klist
utility. The only method to confirm changes made after using the kinit
or ktab
tools to edit the credentials cache or keytab
is to employ the klist
method to see the contents of the storage device. The Kerberos database is not altered by the klist
utility. The klist
method then works with the following commands during display.
klist Commands
-c
Specifies that the credential cache is to be listed
The following are the options for credential cache entries:
- -f Show credential flags.
- -e Show the encryption type.
- -a Show addresses.
- –n If the -a option is specified, don’t reverse resolve addresses.
-k
Specifies the keytab to be listed
The following are the options for keytab
entries:
-
–t Show
keytab
entry timestamps. - -K Show keytab entry DES keys.
- -e Shows
keytab
entry key type.
name Specifies the credential cache name or the keytab
name. File-based cache or key tab’s prefix is FILE: If the name isn’t specified, the klist
method uses default values for the cache name and keytab
. The kinit
documentation lists these default values.
-help Displays instructions.
Code Example
klist -k -t -K FILE:\temp\mykrb5cc
klist -c -f FILE:\temp\mykrb5cc
In the first piece of code; List entries in the keytable
specified including keytab
entry timestamps and DES keys while in the second piece of code; List entries in the credentials cache specified including credentials flag and address list.
The FILE:\temp\mykrb5cc
includes the specific file to be executed.
Results
//Sample results from my command line C:\Users\admin>klist Current LogonId is 0:0xe87b2 Cached Tickets: (0)