18 *service1 service2* ...
24 kvno acquires a service ticket for the specified Kerberos principals
25 and prints out the key version numbers of each.
32 Specifies the name of a credentials cache to use (if not the
36 Specifies the enctype which will be requested for the session key
37 of all the services named on the command line. This is useful in
38 certain backward compatibility situations.
41 Suppress printing output when successful. If a service ticket
42 cannot be obtained, an error message will still be printed and
43 kvno will exit with nonzero status.
46 Prints a usage statement and exits.
49 Specifies that the *service1 service2* ... arguments are to be
50 treated as services for which credentials should be acquired using
51 constrained delegation. This option is only valid when used in
52 conjunction with protocol transition.
55 Specifies that the *service1 service2* ... arguments are
56 interpreted as hostnames, and the service principals are to be
57 constructed from those hostnames and the service name *sname*.
58 The service hostnames will be canonicalized according to the usual
59 rules for constructing service principals.
62 Specifies that protocol transition (S4U2Self) is to be used to
63 acquire a ticket on behalf of *for_user*. If constrained
64 delegation is not requested, the service name must match the
65 credentials cache client principal.
68 Requests a user-to-user ticket. *ccache* must contain a local
69 krbtgt ticket for the server principal. The reported version
70 number will typically be 0, as the resulting ticket is not
71 encrypted in the server's long-term key.
76 See :ref:`kerberos(7)` for a description of Kerberos environment
84 Default location of the credentials cache
90 :ref:`kinit(1)`, :ref:`kdestroy(1)`, :ref:`kerberos(7)`