NAME
kdestroy — destroy Kerberos tickets
SYNOPSIS
kdestroy
[-q]
[-c
cache_filename]
DESCRIPTION
The
kdestroy
utility destroys the user's active Kerberos authorization tickets by
writing zeros to the specified credentials cache that contains them. If
the credentials cache is not specified, the default credentials cache is
destroyed.
Options
- -q
Run quietly. Normally
kdestroy
beeps if it fails to destroy the user's tickets. The
-q
flag suppresses this behavior.
- -c cache_filename
Use
cache_filename
as the credentials ticket cache name and location. If this option is
not used, the default cache name and location is used.
The default credentials cache may vary between systems. If the
KRB5CCNAME
environment variable is set, its value is used to name the default
ticket cache.
Most installations recommend that you place the
kdestroy
command in your
.logout
file, so that your tickets are destroyed automatically when you log out.
Note
For DCE operations use
/opt/dce/bin/kdestroy.
Environment
kdestroy
uses the following environment variable:
- KRB5CCNAME
Location of the credentials ticket cache.
WARNINGS
Only the tickets in the specified credentials cache are destroyed.
Separate ticket caches are used to hold root instance and password
changing tickets. Even these should be destroyed. It is recommended that
to keep all user tickets in a single credentials cache.
FILES
- /tmp/krb5cc_{uid}
Default credentials cache.
{uid}
is the decimal UID of the user.
AUTHOR
kdestroy
was developed
by the Massachusetts Institute of Technology.