man kas_listtickets (Administration système) - Displays all of the issuer's tickets (tokens)

NAME

kas listtickets - Displays all of the issuer's tickets (tokens)

SYNOPSIS

kas listtickets << [-name <name of server] >>> [-long] [-help]

kas listt << [-n <name of server] >>> [-l] [-h]

DESCRIPTION

The kas listtickets command displays the associated user ID (AFS UID), cell name, and expiration date of some or all of the issuer's tickets (tokens), depending on which options are provided: To display all tokens, provide neither the -name argument nor -long flag. The output is similar to that of the tokens command. To display a single token, provide the -name argument to specify name of the Authentication Database entry for the entity that accepts the token. All AFS server processes accept tokens sealed with the key from the CWafs entry. To display in addition the octal numbers that constitute the token and session key, provide the -long flag.

OPTIONS

Names the Authentication Database entry of the entity (usually a server process) that accepts the token to display. Displays the octal numbers that constitute the session key and ticket. Prints the online help for this command. All other valid options are ignored.

OUTPUT

The output reports the AFS UID of the user who owns the token, the service (usually, CWafs) and cell for which it is valid, and its expiration date, using the following format. If the message does not specify a cell, the ticket is for the local cell.

   User's (AFS ID <AFS UID>) tokens for <service>[@<cellname>] \
       [Expires <date>]
If the -long flag is provided, the output also includes the octal numbers making up the session key and token, along with the key version number and the number of bytes in the token (if the number of bytes is not 56, there is an error).

If the marker CW<< [> POSTDATED <] >>> appears instead of an expiration date, the ticket does not become valid until the indicated time. (Only internal calls can create a postdated ticket; there is no standard interface that allows users to do this.)

EXAMPLES

The following two examples are for a user with AFS UID 1020 in the CWabc.com cell and AFS UID 35 in the CWtest.abc.com cell. He is working on a machine in the first cell and is authenticated in both cells.

   % kas listtickets
   User's (AFS ID 1020) tokens for afs [Expires Wed Mar 31 9:30:54 1999]
   User's (AFS ID 35@test.abc.com) tokens for afs@test.abc.com \
             [Expires Wed Mar 31 13:54:26 1999]
   % kas listtickets -name afs -long
   User's (AFS ID 1020) tokens for afs [Expires Wed Mar 31 9:30:54 1999]
   SessionKey: \375\205\351\227\032\310\263\013
   Ticket: (kvno = 0, len = 56): \033\005\221\156\203\278\312\058\016\133...

PRIVILEGE REQUIRED

None, and no password is required.

SEE ALSO

the kas(8) manpage, the tokens(1) manpage

COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.