Next: , Previous: , Up: Reference Manual   [Contents][Index]


4.8 Parameters for shisa

The purpose of ‘shisa’ is to manipulate information stored in the Kerberos 5 database used by Shishi.

Mandatory arguments to long options are mandatory for short options too.

Usage: shisa [OPTIONS]... [REALM [PRINCIPAL]]...

  -h, --help                         Print help and exit
  -V, --version                      Print version and exit

Operations:
  -a, --add                          Add realm or principal to database.
  -d, --dump                         Dump entries in database.
  -n, --key-add                      Add new key to a principal in database.
      --key-remove                   Remove a key from a principal in
                                       database.
  -l, --list                         List entries in database.
  -m, --modify                       Modify principal entry in database.
  -r, --remove                       Remove realm or principal from database.

Parameters:
  -f, --force                        Allow removal of non-empty realms.
                                         (default=off)
      --enabled                      Only dump or list enabled principals.
                                         (default=off)
      --disabled                     Only dump or list disabled principals.
                                         (default=off)
      --keys                         Print cryptographic key and password in
                                       hostkey format.  (default=off)

Values:
  -E, --encryption-type=STRING       Override default key encryption type.
                                       Valid values include 'aes128',
                                       'aes256', 'aes' (same as 'aes256'),
                                       '3des', 'des-md5', 'des-md4',
                                       'des-crc', 'des' (same as 'des-md5'),
                                       and 'arcfour'.
      --key-version=NUMBER           Version of key.
      --password[=STRING]            Derive key from this password.
      --random                       Use a random key.  (default)
      --salt=STRING                  Use specified salt for deriving key.
                                       Defaults to concatenation of realm and
                                       (unwrapped) principal name.
      --string-to-key-parameter=HEX  Encryption algorithm specific parameter
                                       for password derivation.  Currently
                                       only the AES algorithm can utilize
                                       this, where it is interpreted as the
                                       iteration count of the PKCS#5 PBKDF2
                                       key deriver.

Other options:
  -c, --configuration-file=FILE      Use specified configuration file.
  -o, --library-options=STRING       Parse string as configuration file
                                       statement.
  -v, --verbose                      Produce verbose output.
                                         (default=off)
  -q, --quiet                        Don't produce any diagnostic output.
                                         (default=off)

Next: , Previous: , Up: Reference Manual   [Contents][Index]