Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1704
  • Last Modified:

using curl with kerberos

Need help in using kerberos with curl.   What parameters should be passed and to specify the kerberos key?
0
joex
Asked:
joex
  • 3
  • 3
1 Solution
 
nociSoftware EngineerCommented:
Kerberos is based on a system wide key. So you need to configure your system to be part of the Kerberos set.
Then your programs on your system can access services in the kerberized network.

For curl you can only select the amount of confientiality you want (ie, what is encrypted, control and/or data too?)

kadmin, krb5kdc are tools to look into
krb5.conf is the config file.
0
 
joexAuthor Commented:
Is it necessary for the curl libraries to be updated to support kerberos.
0
 
nociSoftware EngineerCommented:
Only if it hasn't been built with kerberos, you need new ones that support kerberos.
this can help:
$ curl --version
curl 7.21.4 (i686-pc-linux-gnu) libcurl/7.21.4 OpenSSL/1.0.0e zlib/1.2.5 libidn/1.22
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz


GSS Negotiate means it support kerberos

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
joexAuthor Commented:
Interesting that version 7.21.7 on Windows does not support kerberos:

C:\Program Files\curl-7.22.0>curl --version
curl 7.21.7 (i386-pc-win32) libcurl/7.21.7 OpenSSL/1.0.0c zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp
smtp smtps telnet tftp
Features: AsynchDNS Largefile NTLM SSL libz
0
 
nociSoftware EngineerCommented:
I am not a windows guru, but maybe that's because the windows environment has a Kerberos look alike at it'  core.
Depending on your version of windows is became the Kerberos engine itself.

Maybe a more recent  versyn of cygwin & libraries can help?
Here is the most recent mail I could find on this.
http://curl.haxx.se/mail/lib-2006-01/0195.html
0
 
joexAuthor Commented:
Thanks.

My plan is to look into using that link this week.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now