kas interactive [-admin_username <admin principal to use for authentication>]
[-password_for_admin <admin password>] [-cell <cell name>]
[-servers <explicit list of authentication servers>+]
kas i [-a <admin principal to use for authentication>]
[-p <admin password>] [-c <cell name>]
[-s <explicit list of authentication servers>+] [-n] [-h]
The kas interactive command establishes an interactive session for the
issuer of the command. By default, the command interpreter establishes an
authenticated connection for the user logged into the local file system
with all of the Authentication Servers listed in the local
/etc/openafs/CellServDB file for the cell named in the local
/etc/openafs/ThisCell file. To specify an alternate identity, cell
name, or list of Authentication Servers, include the -admin_username,
-cell, or -servers arguments respectively. Interactive mode lasts
for six hours unless the maximum ticket lifetime for the issuer or the
Authentication Server's Ticket Granting Service is shorter.
There are two other ways to enter interactive mode, in addition to the
kas interactive command:
Type the kas command at the shell prompt without any operation code. If
appropriate, include one or more of the -admin_username,
-password_for_admin, -cell, and -servers arguments.
Type the kas command followed by a user name and cell name, separated by
an "@" sign (for example: kas firstname.lastname@example.org), to establish a
connection under the specified identity with the Authentication Servers
listed in the local /etc/openafs/CellServDB file for the indicated
cell. If appropriate, provide the -servers argument to specify an
alternate list of Authentication Server machines that belong to the
There are several consequences of entering interactive mode:
The "ka>" prompt replaces the system (shell) prompt. When typing
commands at this prompt, provide only the operation code (omit the command
suite name, kas).
The command interpreter does not prompt for the issuer's password.
The issuer's identity and password, the relevant cell, and the set of
Authentication Server machines specified when entering interactive mode
apply to all commands issued during the session. They cannot be changed
without leaving the session, except by using the kas noauthentication
command to replace the current authenticated connections with
unauthenticated ones. The -admin_username, -password_for_admin,
-cell, and -servers arguments are ignored if provided on a command
issued during interactive mode.
To establish an unauthenticated connection to the Authentication Server,
include the -noauth flag or provide an incorrect password. Unless
authorization checking is disabled on each Authentication Server machine
involved, however, it is not possible to perform any privileged operations
within such a session.
To end the current authenticated connection and establish an
unauthenticated one, issue the kas noauthentication command. To leave
interactive mode and return to the regular shell prompt, issue the kas
-admin_username <admin principal>
Specifies the user identity under which to authenticate with the
Authentication Server for execution of the command. For more details, see
-password_for_admin <admin password>
Specifies the password of the command's issuer. If it is omitted (as
recommended), the kas command interpreter prompts for it and does not
echo it visibly. For more details, see kas(8).
-cell <cell name>
Names the cell in which to run the command. For more details, see
-servers <authentication servers>+
Names each machine running an Authentication Server with which to
establish a connection. For more details, see kas(8).
Assigns the unprivileged identity "anonymous" to the issuer. For more
details, see kas(8).
Prints the online help for this command. All other valid options are
The following example shows a user entering interactive mode as the
privileged user "admin".
% kas interactive admin
Password for admin: I<admin_password>
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.