[28042] in Kerberos
Re: Passwordless access to kadmin?
daemon@ATHENA.MIT.EDU (John Hascall)
Tue Jul 17 11:22:11 2007
To: "Bryan K. Wright" <bryan@ayesha.phys.virginia.edu>
In-reply-to: Your message of Tue, 17 Jul 2007 13:52:44 -0000.
<f7ihjc$ort$1@murdoch.acc.Virginia.EDU>
Date: Tue, 17 Jul 2007 10:21:43 CDT
Message-ID: <17174.1184685703@malison.ait.iastate.edu>
From: John Hascall <john@iastate.edu>
Cc: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Extract the key into a keytab and use this:
-k keytab
???
John
> Hi folks,
>
> I'm new to kerberos, and I'm trying to figure out how
> to invoke kadmin from a web-based script, without prompting for
> the root/admin password. (FWIW, this is part of an account-
> migration scheme. Users will authenticate with their NIS
> credentials, then the script will create a kerberos principal
> for them.)
>
> I realize that I could just use "kadmin -w" and stick
> the password in plaintext into the script, but I'd rather not
> have to do that. Is there a more secure way to do this?
>
> Thanks in advance,
> Bryan
>
> --
> ========================================================================
> Bryan Wright |"If you take cranberries and stew them like
> Physics Department | applesauce, they taste much more like prunes
> University of Virginia | than rhubarb does." -- Groucho
> Charlottesville, VA 22901|
> (434) 924-7218 | bryan@virginia.edu
> ========================================================================
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos