-5

destroy Kerberos 5 credentials. This overrides whatever the default built-in behavior may be. This option may be used with -4

-4

destroy Kerberos 4 credentials. This overrides whatever the default built-in behavior may be. This option is only available if kinit was built with Kerberos 4 compatibility. This option may be used with -5

-q

Run quietly. Normally kdestroy beeps if it fails to destroy the user's tickets. The -q flag suppresses this behavior.

-c cache_name

use cache_name as the credentials (ticket) cache name and location; if this option is not used, the default cache name and location are used.

The default credentials cache may vary between systems. If the KRB5CCNAME environment variable is set, its value is used to name the default ticket cache.

Most installations recommend that you place the kdestroy command in your .logout file, so that your tickets are destroyed automatically when you log out.

KRB5CCNAME

Location of the Kerberos 5 credentials (ticket) cache.

KRBTKFILE

Filename of the Kerberos 4 credentials (ticket) cache.

/tmp/krb5cc_[uid]

default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the user).

/tmp/tkt[uid]

default location of Kerberos 4 credentials cache ([uid] is the decimal UID of the user).

Only the tickets in the specified credentials cache are destroyed. Separate ticket caches are used to hold root instance and password changing tickets. These should probably be destroyed too, or all of a user's tickets kept in a single credentials cache.