diff options
Diffstat (limited to 'ipa-client/man/ipa-getkeytab.1')
-rw-r--r-- | ipa-client/man/ipa-getkeytab.1 | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/ipa-client/man/ipa-getkeytab.1 b/ipa-client/man/ipa-getkeytab.1 index ce62d9d09..bb84ad8f2 100644 --- a/ipa-client/man/ipa-getkeytab.1 +++ b/ipa-client/man/ipa-getkeytab.1 @@ -21,7 +21,7 @@ .SH "NAME" ipa\-getkeytab \- Get a keytab for a Kerberos principal .SH "SYNOPSIS" -ipa\-getkeytab \fB\-s\fR \fIipaserver\fR \fB\-p\fR \fIprincipal\-name\fR \fB\-k\fR \fIkeytab\-file\fR [ \fB\-e\fR encryption\-types ] [ \fB\-q\fR ] [ \fB\-D\fR|\fB\-\-binddn\fR \fIBINDDN\fR ] [ \fB\-w|\-\-bindpw\fR ] [ \fB\-P\fR|\fB\-\-password\fR \fIPASSWORD\fR ] +ipa\-getkeytab \fB\-s\fR \fIipaserver\fR \fB\-p\fR \fIprincipal\-name\fR \fB\-k\fR \fIkeytab\-file\fR [ \fB\-e\fR encryption\-types ] [ \fB\-q\fR ] [ \fB\-D\fR|\fB\-\-binddn\fR \fIBINDDN\fR ] [ \fB\-w|\-\-bindpw\fR ] [ \fB\-P\fR|\fB\-\-password\fR \fIPASSWORD\fR ] [ \fB\-r\fR ] .SH "DESCRIPTION" Retrieves a Kerberos \fIkeytab\fR. @@ -95,6 +95,12 @@ The LDAP DN to bind as when retrieving a keytab without Kerberos credentials. Ge .TP \fB\-w, \-\-bindpw\fR The LDAP password to use when not binding with Kerberos. +.TP +\fB\-r\fR +Retrieve mode. Retrieve an existing key from the server instead of generating a +new one. This is incompatibile with the \-\-password option, and will work only +against a FreeIPA server more recent than version 3.3. The user requesting the +keytab must have access to the keys for this operation to succeed. .SH "EXAMPLES" Add and retrieve a keytab for the NFS service principal on the host foo.example.com and save it in the file /tmp/nfs.keytab and retrieve just the des\-cbc\-crc key. |