Re: How do you script linux GIT client to pass kerberos credential to apache enabled GIT server?

2017-04-04 Thread Mantas Mikulėnas
On 2017-04-03 19:04, ken edward wrote:
> Hello,
> 
> I have my git repositories behind an apache server configured with
> kerberos. Works fine if the user is logged in on their workstation.
> Apache gets the kerberos credential, and validates, and then sends
> the GIT repo being requested.
> 
> BUT, I want to write a script on linux that will also pass the
> kerberos credential to the apache GIT server without having any
> manual intervention. Seems I would create a kerberos keytab for the
> principal and then use that to authenticate. kinit supports
> authenticating from a keytab using the -k -t options,

kinit works, but I think kstart [1] is commonly used for this as well;
takes care of automatic ticket renewal.

ktutil should be able to create a keytab based on your password, but
I've had mixed luck with that. Though still probably easier than
creating a separate instance just for batch tasks...

[1]: https://www.eyrie.org/~eagle/software/kstart/

-- 
Mantas Mikulėnas 
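
The keytab approach discussed in this thread, as an added example that is not part of either reply: a wrapper that refuses a keytab readable by other users, obtains a ticket into a private credential cache, runs git with Negotiate enabled, and destroys the ticket afterwards. KEYTAB, PRINCIPAL, REPO_URL and the function names are hypothetical; it assumes MIT Kerberos `kinit`/`kdestroy`, GNU `stat`, and a git that supports `http.emptyAuth`.

```bash
#!/usr/bin/env bash
# Added example. KEYTAB, PRINCIPAL, REPO_URL and the function names are
# hypothetical placeholders, not values from the thread.

# A keytab is equivalent to the principal's password: accept it only when
# nobody but the owner can read it (mode 600 or 400).
keytab_is_private() {
    local mode
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 1
    case "$mode" in
        600|400) return 0 ;;
        *) return 1 ;;
    esac
}

# Get a ticket from the keytab into a throwaway credential cache, run the
# given command with it, then destroy the ticket whatever the outcome.
with_keytab_ticket() {
    local keytab="$1" principal="$2" dir rc=0
    shift 2
    if ! keytab_is_private "$keytab"; then
        echo "keytab missing or readable by others: $keytab" >&2
        return 2
    fi
    dir=$(mktemp -d) || return 1
    (
        export KRB5CCNAME="FILE:$dir/ccache"
        kinit -k -t "$keytab" "$principal" && "$@"
    ) || rc=$?
    KRB5CCNAME="FILE:$dir/ccache" kdestroy -q 2>/dev/null || true
    rm -rf "$dir"
    return "$rc"
}

# Runs only when all three placeholders are set in the environment.
if [ -n "${KEYTAB:-}" ] && [ -n "${PRINCIPAL:-}" ] && [ -n "${REPO_URL:-}" ]; then
    # http.emptyAuth=true lets git try Negotiate (SPNEGO) without a
    # username in the URL, so no password prompt appears.
    with_keytab_ticket "$KEYTAB" "$PRINCIPAL" \
        git -c http.emptyAuth=true clone "$REPO_URL"
fi
```

For a job that outlives the ticket lifetime, the kstart tool mentioned in the reply above handles the renewal that a single `kinit` does not.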


RE: How do you script linux GIT client to pass kerberos credential to apache enabled GIT server?

2017-04-03 Thread Randall S. Becker
On April 3, 2017 12:04 PM, Ken Edward wrote:
>I have my git repositories behind an apache server configured with kerberos. 
>Works fine if the user is logged in on their workstation.
>Apache gets the kerberos credential, and validates, and then sends the GIT 
>repo being requested.
>BUT, I want to write a script on linux that will also pass the kerberos 
>credential to the apache GIT server without having any manual intervention. 
>Seems I would create a kerberos keytab for the principal and then use that to 
>authenticate. kinit supports authenticating from a keytab using the -k -t 
>options, but has anyone done this?

Have you attempted prototyping this using curl? It might be able to help out a 
bit. I have done this in the past with Stash and their REST and credentials, 
but not using Kerberos. Just a thought.
Cheers,

Randall