This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview
[{$pagename}] lists the [Kerberos Principal] and [Kerberos] tickets held in a credentials cache, or the keys held in a keytab file.
[{$pagename}] is available both on [Windows|http://technet.microsoft.com/en-us/library/hh134826.aspx|target='_blank'] and in the [MIT User Commands|http://web.mit.edu/kerberos/krb5-devel/doc/user/user_commands/index.html|target='_blank'].
The command syntax is slightly different depending on the platform.
!! Command line
! [{$pagename}]
Issuing [{$pagename}] with no parameters will return all the "Cached Tickets" along with information similar to:
{{{
C:\Users\userid>klist
Current LogonId is 0:0x13bd47
Cached Tickets: (5)
#0> Client: userid @ YOURDOMAIN.NET
Server: krbtgt/servername.yourdomain.net @ YOURDOMAIN.NET
KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
Ticket Flags 0x40e00000 -> forwardable renewable initial pre_authent
Start Time: 10/30/2013 7:23:44 (local)
End Time: 10/30/2013 17:23:44 (local)
Renew Time: 11/6/2013 7:23:44 (local)
Session Key Type: AES-256-CTS-HMAC-SHA1-96

#1> Client: userid @ YOURDOMAIN.NET
Server: cifs/servername.yourdomain.net @ YOURDOMAIN.NET
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
Ticket Flags 0x40a00000 -> forwardable renewable pre_authent
Start Time: 10/30/2013 8:12:02 (local)
End Time: 10/30/2013 17:23:44 (local)
Renew Time: 11/6/2013 7:23:44 (local)
Session Key Type: RSADSI RC4-HMAC(NT)

#2> Client: userid @ YOURDOMAIN.NET
Server: LDAP/servername.yourdomain.net/YOURDOMAIN.NET @ YOURDOMAIN.NET
KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
Ticket Flags 0x40a40000 -> forwardable renewable pre_authent ok_as_delegate
Start Time: 10/30/2013 8:12:02 (local)
End Time: 10/30/2013 17:23:44 (local)
Renew Time: 11/6/2013 7:23:44 (local)
Session Key Type: AES-256-CTS-HMAC-SHA1-96

#3> Client: userid @ YOURDOMAIN.NET
Server: cifs/servername.yourdomain.net @ YOURDOMAIN.NET
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
Ticket Flags 0x40a00000 -> forwardable renewable pre_authent
Start Time: 10/30/2013 8:12:01 (local)
End Time: 10/30/2013 17:23:44 (local)
Renew Time: 11/6/2013 7:23:44 (local)
Session Key Type: RSADSI RC4-HMAC(NT)

#4> Client: userid @ YOURDOMAIN.NET
Server: host/yourworkstation.nwie.net @ YOURDOMAIN.NET
KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
Ticket Flags 0x40a00000 -> forwardable renewable pre_authent
Start Time: 10/30/2013 7:23:44 (local)
End Time: 10/30/2013 17:23:44 (local)
Renew Time: 11/6/2013 7:23:44 (local)
Session Key Type: AES-256-CTS-HMAC-SHA1-96
}}}
* LogonID (or the LUID): Identified in hexadecimal
* Client: The concatenation of the client name and the domain name of the client
* Server: The concatenation of the service name and the domain name of the service
* KerbTicket Encryption Type: The encryption type that is used to encrypt the Kerberos ticket
* Ticket Flags: The Kerberos ticket flags
* Start Time: The time from which the ticket will be valid
* End Time: The time the ticket becomes no longer valid. When a ticket is past this time, it can no longer be used to authenticate to a service or be used for renewal
* Renew Time: The time that a new initial authentication is required
* Session Key Type: The encryption algorithm that is used for the session key
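
As an added example (not part of the original page or of klist itself), the Python code below parses output in the format shown above, decodes each Ticket Flags mask into the names klist prints, and lists which cached tickets use RC4-HMAC or carry ok_as_delegate. The sample text is constructed, and the names {{parse_klist}}, {{decode_flags}} and {{review}} are hypothetical.

```python
import re

# Ticket flag bits under the names klist prints (bit positions per RFC 4120).
FLAG_BITS = [
    (0x40000000, "forwardable"), (0x20000000, "forwarded"),
    (0x10000000, "proxiable"), (0x08000000, "proxy"),
    (0x04000000, "may_postdate"), (0x02000000, "postdated"),
    (0x01000000, "invalid"), (0x00800000, "renewable"),
    (0x00400000, "initial"), (0x00200000, "pre_authent"),
    (0x00100000, "hw_authent"), (0x00040000, "ok_as_delegate"),
    (0x00010000, "name_canonicalize"),
]

# Constructed sample in the shape of the output above (not a real capture).
SAMPLE = """Cached Tickets: (3)
#0> Client: userid @ YOURDOMAIN.NET
Server: krbtgt/YOURDOMAIN.NET @ YOURDOMAIN.NET
KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
Ticket Flags 0x40e00000 -> forwardable renewable initial pre_authent
#1> Client: userid @ YOURDOMAIN.NET
Server: cifs/servername.yourdomain.net @ YOURDOMAIN.NET
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
Ticket Flags 0x40a00000 -> forwardable renewable pre_authent
#2> Client: userid @ YOURDOMAIN.NET
Server: LDAP/servername.yourdomain.net/YOURDOMAIN.NET @ YOURDOMAIN.NET
KerbTicket Encryption Type: AES-256-CTS-HMAC-SHA1-96
Ticket Flags 0x40a40000 -> forwardable renewable pre_authent ok_as_delegate
"""

def decode_flags(value):
    """Names of the flag bits set in a Ticket Flags mask."""
    return [name for bit, name in FLAG_BITS if value & bit]

def parse_klist(text):
    """One dict per cached ticket; 'printed' keeps klist's own flag names."""
    tickets = []
    for chunk in re.split(r"(?=#\d+>)", text)[1:]:  # split before each "#<n>>"
        mask = int(re.search(r"Ticket Flags\s+(0x[0-9a-fA-F]+)", chunk).group(1), 16)
        tickets.append({
            "server": re.search(r"Server:\s*(\S+)", chunk).group(1),
            "etype": re.search(r"KerbTicket Encryption Type:\s*(.+)", chunk).group(1).strip(),
            "flags": decode_flags(mask),
            "printed": re.search(r"->\s*(.*)", chunk).group(1).split(),
        })
    return tickets

def review(tickets):
    """Servers whose ticket uses RC4-HMAC, and servers flagged ok_as_delegate."""
    rc4 = [t["server"] for t in tickets if "RC4" in t["etype"]]
    deleg = [t["server"] for t in tickets if "ok_as_delegate" in t["flags"]]
    return {"rc4": rc4, "ok_as_delegate": deleg}
```

Comparing {{flags}} with {{printed}} for each ticket confirms that the decoded mask matches the names klist itself displayed.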
! [{$pagename}] tgt
The "tgt" argument shows the parameters of the cached ticket-granting ticket (TGT), similar to:
{{{
C:\Users\userid>klist tgt |more
Current LogonId is 0:0x13bd47
Cached TGT:
ServiceName : krbtgt
TargetName (SPN) : krbtgt
ClientName : userid
DomainName : YOURDOMAIN.NET
TargetDomainName : YOURDOMAIN.NET
AltTargetDomainName: YOURDOMAIN.NET
Ticket Flags : 0x40e00000 -> forwardable renewable initial pre_authent
Session Key : KeyType 0x12 - AES-256-CTS-HMAC-SHA1-96
: KeyLength 32 - 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
StartTime : 10/30/2013 7:23:44 (local)
EndTime : 10/30/2013 17:23:44 (local)
RenewUntil : 11/6/2013 7:23:44 (local)
TimeSkew : + 0:00 minute(s)
EncodedTicket : (size: 1742)
0000 61 82 06 ca 30 82 06 c6:a0 03 02 01 05 a1 0a 1b a...0...........
<-- remaining content suppressed for space reasons -->
}}}
* LogonID: Identified in hexadecimal
* ServiceName: krbtgt
* TargetName <SPN>: krbtgt
* DomainName: Name of the domain that issues the TGT
* TargetDomainName: Domain that the TGT is issued to
* AltTargetDomainName: Domain that the TGT is issued to
* Ticket Flags: Address and target actions and type
* Session Key: Key length and encryption algorithm
* StartTime: Local computer time that the ticket was requested
* EndTime: Time the ticket becomes no longer valid. When a ticket is past this time, it can no longer be used to authenticate to a service.
* RenewUntil: Deadline for ticket renewal
* TimeSkew: Time difference with the Key Distribution Center (KDC)
* EncodedTicket: Encoded ticket
! [{$pagename}] purge
Allows you to delete a specific ticket. Purging tickets destroys all tickets that you have cached, so use this argument with caution. It might stop you from being able to authenticate to resources. If this happens, you will have to log off and log on again.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]