Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Kerberos Authentication from Application
Top Forums UNIX for Dummies Questions & Answers Kerberos Authentication from Application Post 302226141 by phykell on Monday 18th of August 2008 11:10:57 AM
Old 08-18-2008
Lightbulb
Thanks for your reply Smilie

As a result of your link I found this:

"To learn more on the Kerberos APIs, refer to the IBM Network Authentication Service Version 1.4 Application Development Reference guide shipped on the AIX 5L Version 5.3 Expansion Pack CD and the sample Kerberos example programs bundled with the IBM NAS product."

My system admin installed what I needed and there was indeed a samples directory which contained exactly what I needed Smilie

There's a source code example called krb_login.c which shows how to authenticate with the principal and password and there's even a keytab version along with other examples:
  • Login using principal and password
  • Login from keytab
  • List credentials
  • Destroy credentials
  • Create principal
  • Delete principal
There's even a complete client/server implementation too!
 

9 More Discussions You Might Find Interesting

1. Linux

IPSec using racoon w/ kerberos authentication

Hi, Anyone can point me a good link to setup IPSec using racoon IKE which uses gssapi_krb authentication method? I have a debain linux box and Windows 2003R2 system, and I want them to communicate using IPSec. Thanks, Emily. (0 Replies)
Discussion started by: egyfan
0 Replies

2. Programming

Kerberos Authentication c/c++

I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api. Can anyone point me in the right... (0 Replies)
Discussion started by: mshindo
0 Replies

3. Red Hat

PAM configuration: Kerberos authentication and NIS authorization problem

Hi, I've configured two linux boxes to authenticate against Windows Active Directory using Kerberos while retrieving authorization data (uids, gids ,,,)from NIS. The problem I ran into with my PAM configuration is that all authentication attempts succeed in order.i.e. if someone tried his... (0 Replies)
Discussion started by: geek.ksa
0 Replies

4. Programming

Questions about user authentication in my application

Hi, all, I am a newbie to linux authentication part. Questions below really puzzle me: How to authenticate users from local storage(passwd shadow) and nis server? (Without PAM) getpwnam_r() will return a '*' in the pw_passwd field of "struct passwd". I can parse /etc/shadow. But how... (1 Reply)
Discussion started by: mythmgn
1 Replies

5. AIX

SSH and kerberos authentication problem AIX 5.3

I've configured an AIX 5.3 client to use our Windows AD for user authentication via Kerberos. When I try to ssh to the server using the AD credentials, I eventually get access but not after getting prompted for a password 3 times (which doesn't work) followed by an accepted login on the 4th... (3 Replies)
Discussion started by: jmroderick
3 Replies

6. Programming

CA Siteminder offline authentication for a thick client(swing java) application.

Hi All, I have a thick client based on swing java and we are using CA SiteMinder for the authentication. Now we have new requirement in which we need to access the application when its offline. So is there any way that I can use siteminder for offline authenticaion? I mean can we store... (0 Replies)
Discussion started by: chacko193
0 Replies

7. UNIX for Dummies Questions & Answers

Kerberos Authentication error

Hi , I am trying to authenticate my id on client server with Kerberos and receiving below error kinit rpagadala@BDC.soft.net kinit: Cannot contact any KDC for realm 'BDC.soft.net' while getting initial credentials Please find krb5.conf on the client server configuration which is... (1 Reply)
Discussion started by: Tomlight
1 Replies

8. Shell Programming and Scripting

How to automatically store/cache password for kerberos authentication

Hi All, I am currently writing script to get the details for lot of hosts from jump server. Means each and every time it will ssh to the host and get the information. To achieve that I need to automatically accept the password from Jump server to that main hosts. We are using kerberos password... (6 Replies)
Discussion started by: kamauv234
6 Replies

9. Shell Programming and Scripting

PERL and Kerberos authentication

I am installing Authen::Krb5::Easy and during make test I am getting the follwing error : kinit not ok 2 error was: could not get initial credentials: Cannot contact any KDC for requested realm we are stroring krb5.conf in diff location ( not in /etc/krb5.conf) , but, PERL is... (1 Reply)
Discussion started by: talashil
1 Replies

LEARN ABOUT CENTOS

ipa-rmkeytab

ipa-rmkeytab(1) 						 IPA Manual Pages						   ipa-rmkeytab(1)

NAME

       ipa-rmkeytab - Remove a kerberos principal from a keytab

SYNOPSIS

       ipa-rmkeytab [ -p principal-name ] [ -k keytab-file ] [ -r realm ] [ -d ]

DESCRIPTION

       Removes a kerberos principal from a keytab.

       Kerberos  keytabs  are  used  for  services (like sshd) to perform kerberos authentication. A keytab is a file with one or more secrets (or
       keys) for a kerberos principal.

       A kerberos service principal is a kerberos identity that can be used for authentication. Service principals contain the name  of  the  ser-
       vice, the hostname of the server, and the realm name.

       ipa-rmkeytab  provides  two  ways  to  remove  principals.   A specific principal can be removed or all principals for a given realm can be
       removed.

       All encryption types and versions of a principal are removed.

       The realm may be included when removing a specific principal but it is not required.

       NOTE: removing a principal from the keytab does not affect the Kerberos principal stored in the IPA server. It  merely  removes	the  entry
       from the local keytab.

OPTIONS

       -p principal-name
	      The non-realm part of the full principal name.

       -k keytab-file
	      The keytab file to append the principal(s) from.

       -r realm
	      A realm to remove all principals for.

       -d     Debug mode. Additional information is displayed.

EXAMPLES

       Remove the NFS service principal on the host foo.example.com from /tmp/nfs.keytab.

	  # ipa-rmkeytab -p nfs/foo.example.com -k /tmp/nfs.keytab

       Remove the ldap service principal on the host foo.example.com from /etc/krb5.keytab.

	  # ipa-rmkeytab -p ldap/foo.example.com -k /etc/krb5.keytab

       Remove all principals for the realm EXAMPLE.COM.

	 # ipa-rmkeytab -r EXAMPLE.COM -k /etc/krb5.keytab

EXIT STATUS

       The exit status is 0 on success, nonzero on error.

       1 Kerberos initialization failed

       2 Memory allocation error

       3 Unable to open keytab

       4 Unable to parse the principal name

       5 Principal name or realm not found in keytab

       6 Unable to remove principal from keytab

IPA
								    Oct 30 2009 						   ipa-rmkeytab(1)
All times are GMT -4. The time now is 12:01 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy