?
Solved

using curl with kerberos

Posted on 2011-09-20
6
Medium Priority
?
1,548 Views
Last Modified: 2012-05-12
Need help in using kerberos with curl.   What parameters should be passed and to specify the kerberos key?
0
Comment
Question by:joex
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 40

Expert Comment

by:noci
ID: 36573158
Kerberos is based on a system wide key. So you need to configure your system to be part of the Kerberos set.
Then your programs on your system can access services in the kerberized network.

For curl you can only select the amount of confientiality you want (ie, what is encrypted, control and/or data too?)

kadmin, krb5kdc are tools to look into
krb5.conf is the config file.
0
 

Author Comment

by:joex
ID: 36901070
Is it necessary for the curl libraries to be updated to support kerberos.
0
 
LVL 40

Expert Comment

by:noci
ID: 36901997
Only if it hasn't been built with kerberos, you need new ones that support kerberos.
this can help:
$ curl --version
curl 7.21.4 (i686-pc-linux-gnu) libcurl/7.21.4 OpenSSL/1.0.0e zlib/1.2.5 libidn/1.22
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz


GSS Negotiate means it support kerberos

0
Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

 

Author Comment

by:joex
ID: 36902909
Interesting that version 7.21.7 on Windows does not support kerberos:

C:\Program Files\curl-7.22.0>curl --version
curl 7.21.7 (i386-pc-win32) libcurl/7.21.7 OpenSSL/1.0.0c zlib/1.2.5
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp
smtp smtps telnet tftp
Features: AsynchDNS Largefile NTLM SSL libz
0
 
LVL 40

Accepted Solution

by:
noci earned 2000 total points
ID: 36903004
I am not a windows guru, but maybe that's because the windows environment has a Kerberos look alike at it'  core.
Depending on your version of windows is became the Kerberos engine itself.

Maybe a more recent  versyn of cygwin & libraries can help?
Here is the most recent mail I could find on this.
http://curl.haxx.se/mail/lib-2006-01/0195.html
0
 

Author Comment

by:joex
ID: 36907589
Thanks.

My plan is to look into using that link this week.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question