Solved

using curl with kerberos

Posted on 2011-09-20
6
1,311 Views
Last Modified: 2012-05-12
Need help in using kerberos with curl.   What parameters should be passed and to specify the kerberos key?
0
Comment
Question by:joex
  • 3
  • 3
6 Comments
 
LVL 40

Expert Comment

by:noci
ID: 36573158
Kerberos is based on a system wide key. So you need to configure your system to be part of the Kerberos set.
Then your programs on your system can access services in the kerberized network.

For curl you can only select the amount of confientiality you want (ie, what is encrypted, control and/or data too?)

kadmin, krb5kdc are tools to look into
krb5.conf is the config file.
0
 

Author Comment

by:joex
ID: 36901070
Is it necessary for the curl libraries to be updated to support kerberos.
0
 
LVL 40

Expert Comment

by:noci
ID: 36901997
Only if it hasn't been built with kerberos, you need new ones that support kerberos.
this can help:
$ curl --version
curl 7.21.4 (i686-pc-linux-gnu) libcurl/7.21.4 OpenSSL/1.0.0e zlib/1.2.5 libidn/1.22
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz


GSS Negotiate means it support kerberos

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:joex
ID: 36902909
Interesting that version 7.21.7 on Windows does not support kerberos:

C:\Program Files\curl-7.22.0>curl --version
curl 7.21.7 (i386-pc-win32) libcurl/7.21.7 OpenSSL/1.0.0c zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp
smtp smtps telnet tftp
Features: AsynchDNS Largefile NTLM SSL libz
0
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 36903004
I am not a windows guru, but maybe that's because the windows environment has a Kerberos look alike at it'  core.
Depending on your version of windows is became the Kerberos engine itself.

Maybe a more recent  versyn of cygwin & libraries can help?
Here is the most recent mail I could find on this.
http://curl.haxx.se/mail/lib-2006-01/0195.html
0
 

Author Comment

by:joex
ID: 36907589
Thanks.

My plan is to look into using that link this week.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now