On 2017-04-03 19:04, ken edward wrote: > Hello, > > I have my git repositories behind an apache server configured with > kerberos. Works fine if the user is logged in on their workstation. > Apache gets the kerberos credential, and validates, and then sends > the GIT repo being requested. > > BUT, I want to write a script on linux that will also pass the > kerberos credential to the apache GIT server without having any > manually intervention. Seems I would create a kerberos keytab for the > principal and then use that to authenticate.... kinit supports > authenticating from a keytab using the -k -t <keytab-path> options,
kinit works, but I think kstart [1] is commonly used for this as well; takes care of automatic ticket renewal. ktutil should be able to create a keytab based on your password, but I've had mixed luck with that. Though still probably easier than creating a separate instance just for batch tasks... [1]: https://www.eyrie.org/~eagle/software/kstart/ -- Mantas Mikulėnas <[email protected]>
