klist reads and displays the current tickets in the credential cache (also known as the ticket file).
- -c cache, --cache=cache
credential cache to list
- -s, -t, --test
Test for there being an active and valid TGT for the local realm of the user in the credential cache.
- -T, --tokens
display AFS tokens
- -5, --v5
display v5 cred cache (this is the default)
Include ticket flags in short form, each character stands for a specific flag, as follows:
This information is also output with the --verbose option, but in a more verbose way.
- -v, --verbose
Verbose output. Include all possible information:
the principal the ticket is for
- Ticket etype
the encryption type used in the ticket, followed by the key version of the ticket, if it is available
- Session key
the encryption type of the session key, if it's different from the encryption type of the ticket
- Auth time
the time the authentication exchange took place
- Start time
the time that this ticket is valid from (only printed if it's different from the auth time)
- End time
when the ticket expires, if it has already expired this is also noted
- Renew till
the maximum possible end time of any ticket derived from this one
- Ticket flags
the flags set on the ticket
the set of addresses from which this ticket is valid
- -l, --list-caches
List the credential caches for the current users, not all cache types supports listing multiple caches.