NAME
kpasswd — change a user's Kerberos password
DESCRIPTION
The
kpasswd
command is used to change a Kerberos principal's password.
kpasswd
prompts for the current Kerberos password, which is used to obtain a
changepw
ticket from the
KDC (Key Distribution Center)
for the user's Kerberos realm.
If
kpasswd
successfully obtains the
changepw
ticket, the user is prompted twice for the new password and the
password is changed.
If the principal is governed by a policy that specifies the length and/or
number of character classes required in the new password, the new
password must conform to the policy.
The five character classes are
lower case, upper case, numbers, punctuation, and all other characters.
Operands
- principal
Changes the password for the Kerberos principal,
principal.
kpasswd
uses the principal name from an existing cache if there is one.
If not, the principal is derived from the identity of the user
invoking the
kpasswd
command.
Note
kpasswd
looks first for
kpasswd_server = host:port
in the [realms] section of
the
krb5.conf
file under the current realm.
If that is missing,
kpasswd
looks for the admin_server entry and substitutes 464 for the port.
AUTHOR
kpasswd
was developed by the Massachusetts Institute of Technology.
FILES
- /etc/krb5.conf
Kerberos configuration file.
Printable version
