Configuration Guide for Kerberos Client Products on HP-UX 11.0 | HP-UX 11i v1 | HP-UX 11i v1.6 | HP-UX 11i v2
Introduction to the Kerberos Products and GSS-API
KRB5 Client Software
Chapter 2 53
The kdestroy utility destroys the user’s active Kerberos authorization
tickets by writing zeros to the specified credentials cache that contains
them. If the credential cache is not specified, the default credential cache
is destroyed.
A user's credentials are not automatically removed by exiting from a
SHELL or logging out. You need to remove the credential cache files
manually before logging out using the kdestroy command.
If you use csh, you can include kdestroy in the .logout file in your
home directory. Additionally, the system administrator can remove
expired credential cache files using either a start script or a cron job to
recover disk space and prevent maliciously access to the network
credentials.
SYNOPSIS
/usr/bin/kdestroy [-q]
/usr/bin/kdestroy [-c] [cache_name]
OPTIONS
-q The -q option suppresses beeps if it fails to destroy the
user’s tickets.
-c The -c option uses cache_name as the credentials
(ticket) cache name and location; if cache_name is not
specified, the default cache name and location are used.
REFERENCE
To view the kdestroy man-page, issue the following command:
shell%: man 1 kdestroy
kpasswd
DESCRIPTION
kpasswd changes a user’s Kerberos password.