The kpasswd command is used to change a Kerberos principal's password.
Kpasswd prompts for the current Kerberos password, which is used to
obtain a changepw ticket from the KDC for the user's Kerberos realm.
If kpasswd successfully obtains the changepw ticket, the user is
prompted twice for the new password, and the password is changed.
If the principal is governed by a policy that specifies the length
and/or number of character classes required in the new password, the
new password must conform to the policy. (The five character classes
are lower case, upper case, numbers, punctuation, and all other charac‐
change the password for the Kerberos principal principal. Oth‐
erwise, kpasswd uses the principal name from an existing ccache
if there is one; if not, the principal is derived from the iden‐
tity of the user invoking the kpasswd command.
kpasswd looks first for kpasswd_server = host:port in the [realms] sec‐
tion of the krb5.conf file under the current realm. If that is miss‐
ing, kpasswd looks for the admin_server entry, but substitutes 464 for
kpasswd may not work with multi-homed hosts running on the Solaris
Man(1) output converted with