1 | .\" Copyright 1989 by the Massachusetts Institute of Technology. |
---|
2 | .\" |
---|
3 | .\" For copying and distribution information, |
---|
4 | .\" please see the file <mit-copyright.h>. |
---|
5 | .\" |
---|
6 | .TH KPASSWD 1 "Kerberos Version 4.0" "MIT Project Athena" |
---|
7 | .FM mit |
---|
8 | .SH NAME |
---|
9 | kpasswd \- change a user's Kerberos password |
---|
10 | .SH SYNOPSIS |
---|
11 | .B kpasswd |
---|
12 | [ |
---|
13 | .B \-h |
---|
14 | ] [ |
---|
15 | .B \-n |
---|
16 | .I name |
---|
17 | ] [ |
---|
18 | .B \-i |
---|
19 | .I instance |
---|
20 | ] [ |
---|
21 | .B \-r |
---|
22 | .I realm |
---|
23 | ] [ |
---|
24 | \-u |
---|
25 | .IR username[.instance][@realm] ] |
---|
26 | .SH DESCRIPTION |
---|
27 | The |
---|
28 | .I kpasswd |
---|
29 | command is used to change a Kerberos principal's password. |
---|
30 | .PP |
---|
31 | If the |
---|
32 | .I \-h |
---|
33 | option is specified, a brief summary of the options is printed, and |
---|
34 | .I kpasswd |
---|
35 | then exits. |
---|
36 | .PP |
---|
37 | If the |
---|
38 | .I \-n |
---|
39 | option is specified, |
---|
40 | .I name |
---|
41 | is used as the principal name rather than the username of the user |
---|
42 | running |
---|
43 | .IR kpasswd . |
---|
44 | (This is determined from the ticket file if it exists; |
---|
45 | otherwise, it is determined from the unix user id.) |
---|
46 | .PP |
---|
47 | If the |
---|
48 | .I \-i |
---|
49 | option is specified, |
---|
50 | .I instance |
---|
51 | is used as the instance rather than a null instance. |
---|
52 | .PP |
---|
53 | If the |
---|
54 | .I \-r |
---|
55 | option is specified, |
---|
56 | .I realm |
---|
57 | is used as the realm rather than the local realm. |
---|
58 | .PP |
---|
59 | If the |
---|
60 | .I \-u |
---|
61 | option is specified, a fully qualified kerberos |
---|
62 | principal can be given. |
---|
63 | .PP |
---|
64 | |
---|
65 | The utility prompts for the current Kerberos password (printing |
---|
66 | the name of the principal for which it intends to change the password), |
---|
67 | which is verified by the Kerberos server. If the old password is |
---|
68 | correct, the user is prompted twice for the new password. A message is |
---|
69 | printed indicating the success or failure of the password changing |
---|
70 | operation. |
---|
71 | |
---|
72 | .SH BUGS |
---|
73 | |
---|
74 | .I kpasswd |
---|
75 | does not handle names, instances, or realms with special |
---|
76 | characters in them when the -n, -i, or -r options are used. Any |
---|
77 | valid fullname is accepted, however, if the -u option is used. |
---|
78 | |
---|
79 | If the principal whose password you are trying to change does |
---|
80 | not exist, you will not be told until after you have entered the |
---|
81 | old password. |
---|
82 | |
---|
83 | .SH SEE ALSO |
---|
84 | kerberos(1), kinit(1), passwd(1), kadmin(8) |
---|