NAME
kdestroy — destroy Kerberos tickets
SYNOPSIS
kdestroy
[-q]
[-c
cache_filename]
DESCRIPTION
The
kdestroy
utility destroys the user's active Kerberos tickets by
writing zeros to the specified credentials cache that contains them.
If
the credentials cache is not specified, the default credentials cache is
destroyed.
Options
- -q
Run quietly.
Normally,
kdestroy
beeps if it fails to destroy the user's tickets.
The
-q
flag suppresses this behavior.
- -c cache_filename
Use
cache_filename
as the credentials ticket cache name and location.
If this option is
not used, the default cache name and location is used.
The default credentials cache may vary between systems.
If the
KRB5CCNAME
environment variable is set, its value is used to name the default
ticket cache.
Most installations recommend placing the
kdestroy
command in the
.logout
file, so that tickets are destroyed automatically upon log out.
Note
For DCE operations use
/opt/dce/bin/kdestroy.
EXTERNAL INFLUENCES
Environment Variables
kdestroy
uses the following environment variable:
- KRB5CCNAME
Location of the credentials ticket cache.
WARNINGS
Only the tickets in the specified credentials cache are destroyed.
Separate ticket caches are used to hold root instance and password
changing tickets; even these should be destroyed.
It is recommended that
all user tickets be kept in a single credentials cache.
FILES
- /tmp/krb5cc_{uid}
Default credentials cache.
{uid}
is the decimal UID of the user.
AUTHOR
kdestroy
was developed
by the Massachusetts Institute of Technology.
Printable version
