Next: , Previous: Parameters for shishid, Up: Reference Manual


4.8 Parameters for shisa

The purpose of ‘shisa’ is to manipulate information stored in the Kerberos 5 database used by Shishi.

Mandatory arguments to long options are mandatory for short options too.

     Usage: shisa [OPTIONS]... [REALM [PRINCIPAL]]...
     
       -h, --help                         Print help and exit
       -V, --version                      Print version and exit
     
     Operations:
       -a, --add                          Add realm or principal to database.
       -d, --dump                         Dump entries in database.
       -n, --key-add                      Add new key to a principal in database.
           --key-remove                   Remove a key from a principal in
                                            database.
       -l, --list                         List entries in database.
       -m, --modify                       Modify principal entry in database.
       -r, --remove                       Remove realm or principal from database.
     
     Parameters:
       -f, --force                        Allow removal of non-empty realms.
                                              (default=off)
           --enabled                      Only dump or list enabled principals.
                                              (default=off)
           --disabled                     Only dump or list disabled principals.
                                              (default=off)
           --keys                         Print cryptographic key and password in
                                            hostkey format.  (default=off)
     
     Values:
       -E, --encryption-type=STRING       Override default key encryption type.
                                            Valid values include 'aes128',
                                            'aes256', 'aes' (same as 'aes256'),
                                            '3des', 'des-md5', 'des-md4',
                                            'des-crc', 'des' (same as 'des-md5'),
                                            and 'arcfour'.
           --key-version=NUMBER           Version of key.
           --password[=STRING]            Derive key from this password.
           --random                       Use a random key.  (default)
           --salt=STRING                  Use specified salt for deriving key.
                                            Defaults to concatenation of realm and
                                            (unwrapped) principal name.
           --string-to-key-parameter=HEX  Encryption algorithm specific parameter
                                            for password derivation.  Currently
                                            only the AES algorithm can utilize
                                            this, where it is interpreted as the
                                            iteration count of the PKCS#5 PBKDF2
                                            key deriver.
     
     Other options:
       -c, --configuration-file=FILE      Use specified configuration file.
       -o, --library-options=STRING       Parse string as configuration file
                                            statement.
       -v, --verbose                      Produce verbose output.
                                              (default=off)
       -q, --quiet                        Don't produce any diagnostic output.
                                              (default=off)