ktab is a keytab management utility.
It manage the principal names and service keys stored in a local key table.
Usage: ktab <commands> <options> Available commands: -l [-e] [-t] list the keytab name and entries. -e with etype, -t with timestamp. -a <principal name> [<password>] [-n <kvno>] [-append] add new key entries to the keytab for the given principal name with optional <password>. If a <kvno> is specified, new keys' Key Version Numbers equal to the value, otherwise, automatically incrementing the Key Version Numbers. If -append is specified, new keys are appended to the keytab, otherwise, old keys for the same principal are removed. -d <principal name> [-f] [-e <etype>] [<kvno> | all | old] delete key entries from the keytab for the specified principal. If <kvno> is specified, delete keys whose Key Version Numbers match kvno. If "all" is specified, delete all keys. If "old" is specified, delete all keys except those with the highest kvno. Default action is "all". If <etype> is specified, only keys of this encryption type are deleted. <etype> should be specified as the numberic value etype defined in RFC 3961, section 8. A prompt to confirm the deletion is displayed unless -f is specified. Common option(s): -k <keytab name> specify keytab name and path with prefix FILE: