Solved

using curl with kerberos

Posted on 2011-09-20
6
1,418 Views
Last Modified: 2012-05-12
Need help in using kerberos with curl.   What parameters should be passed and to specify the kerberos key?
0
Comment
Question by:joex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 40

Expert Comment

by:noci
ID: 36573158
Kerberos is based on a system wide key. So you need to configure your system to be part of the Kerberos set.
Then your programs on your system can access services in the kerberized network.

For curl you can only select the amount of confientiality you want (ie, what is encrypted, control and/or data too?)

kadmin, krb5kdc are tools to look into
krb5.conf is the config file.
0
 

Author Comment

by:joex
ID: 36901070
Is it necessary for the curl libraries to be updated to support kerberos.
0
 
LVL 40

Expert Comment

by:noci
ID: 36901997
Only if it hasn't been built with kerberos, you need new ones that support kerberos.
this can help:
$ curl --version
curl 7.21.4 (i686-pc-linux-gnu) libcurl/7.21.4 OpenSSL/1.0.0e zlib/1.2.5 libidn/1.22
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz


GSS Negotiate means it support kerberos

0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:joex
ID: 36902909
Interesting that version 7.21.7 on Windows does not support kerberos:

C:\Program Files\curl-7.22.0>curl --version
curl 7.21.7 (i386-pc-win32) libcurl/7.21.7 OpenSSL/1.0.0c zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp
smtp smtps telnet tftp
Features: AsynchDNS Largefile NTLM SSL libz
0
 
LVL 40

Accepted Solution

by:
noci earned 500 total points
ID: 36903004
I am not a windows guru, but maybe that's because the windows environment has a Kerberos look alike at it'  core.
Depending on your version of windows is became the Kerberos engine itself.

Maybe a more recent  versyn of cygwin & libraries can help?
Here is the most recent mail I could find on this.
http://curl.haxx.se/mail/lib-2006-01/0195.html
0
 

Author Comment

by:joex
ID: 36907589
Thanks.

My plan is to look into using that link this week.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question