If no parameters are specified, ‘shishid’ listens on the defaults interfaces and answers incoming requests using the keys in the default key file.
Mandatory arguments to long options are mandatory for short options too.
Usage: shishid [OPTIONS]...
-h, --help Print help and exit
-V, --version Print version and exit
Commands:
-l, --listen=[FAMILY:]ADDR:PORT/TYPE
Sockets to listen for queries on. Family is
`IPv4' or `IPv6', if absent the family is
decided by gethostbyname(ADDR). An address of
`*' indicates all addresses on the local
host. The default is `*:kerberos/udp,
*:kerberos/tcp'.
-u, --setuid=NAME After binding socket, set user identity.
TLS settings:
--no-tls Disable TLS support (default=off)
--x509cafile=FILE X.509 certificate authorities used to verify
client certificates, in PEM format.
--x509certfile=FILE X.509 server certificate, in PEM format.
--x509crlfile=FILE X.509 certificate revocation list to check for
revoked client certificates, in PEM format.
--x509keyfile=FILE X.509 server certificate key, in PEM format.
--resume-limit=SHORT Keep track of up to this many TLS sessions for
resume purposes (0 to disable TLS resume).
(default=`50')
Other options:
-c, --configuration-file=FILE Use specified configuration file.
-v, --verbose Produce verbose output.
Use multiple times to increase amount of
information.
-q, --quiet Don't produce any diagnostic output.
(default=off)