kdestroy.1 (2010 09)
k
kdestroy(1) kdestroy(1)
NAME
kdestroy - destroy Kerberos tickets
SYNOPSIS
kdestroy [-q][-c cache_filename ]
DESCRIPTION
The
kdestroy utility destroys the user’s active Kerberos tickets by writing zeros to the specified creden-
tials cache that contains them. If the credentials cache is not specified, the default credentials cache is
destroyed.
Options
-q Run quietly. Normally kdestroy beeps if it fails to destroy the user’s tickets. The
-q flag suppresses this behavior.
-c cache_filename Use cache_filename as the credentials ticket cache name and location. If this option
is not used, the default cache name and location is used.
The default credentials cache may vary between systems. If the
KRB5CCNAME environment variable is
set, its value is used to name the default ticket cache.
Most installations recommend placing the
kdestroy command in the .logout file, so that tickets are
destroyed automatically upon log out.
Note
For DCE operations use
/opt/dce/bin/kdestroy
.
EXTERNAL INFLUENCES
Environment Variables
kdestroy uses the following environment variable:
KRB5CCNAME Location of the credentials ticket cache.
WARNINGS
Only the tickets in the specified credentials cache are destroyed.
Separate ticket caches are used to hold root instance and password changing tickets; even these should be
destroyed.
It is recommended that all user tickets be kept in a single credentials cache.
FILES
/tmp/krb5cc_{uid} Default credentials cache. {uid} is the decimal UID of the user.
AUTHOR
kdestroy was developed by the Massachusetts Institute of Technology.
SEE ALSO
kinit(1), klist(1), kerberos(5).
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1