Destroy expired tickets?

Stefan Monnier monnier at iro.umontreal.ca
Wed Nov 5 21:16:41 EST 2008


How can I destroy expired tickets?

They're useless at best, and in some cases they're positively harmful
(their presence prompts `ssh' to contact the KDC to try and delegate
credentials, which is a waste if the tickets are expired, and is really
annoying when the KDC times out because it's behind a firewall).

But I couldn't find any command that would destroy only expired tickets.
Any idea what I should use?  I guess I could try and parse the date&time
in "klist", but it'd be a pain in the rear and blatantly brittle.

This is on a Debian GNU/Linux system, in case it matters,


        Stefan




More information about the Kerberos mailing list