On Mon, Nov 6, 2017 at 2:31 PM Jonny Heggheim <hegjon@xxxxxxxxx> wrote:
Hi, I started playing with the pass[1] unix password manager and finally
found workflow that makes my Kerberos workflow scriptable :)
Here is an example:
$ klist
klist: Credentials cache keyring 'persistent:1000:1000' not found
$ pass show fedoraproject.org | head -n1 | kinit jonny@xxxxxxxxxxxxxxxxx
Password for jonny@xxxxxxxxxxxxxxxxx:
$ klist
Ticket cache: KEYRING:persistent:1000:1000
Default principal: jonny@xxxxxxxxxxxxxxxxx
Valid starting Expires Service principal
11/02/2017 18:25:32 11/03/2017 18:25:25
krbtgt/FEDORAPROJECT.ORG@xxxxxxxxxxxxxxxxx
renew until 11/09/2017 18:25:25
Jonny
[1] https://www.passwordstore.org/
Neat. I wish I had known about pass. I wrote my own in bash using mcrypt, git, and grep.
But, I've never needed to use it for Kerberos. GOA works fine for me in Fedora.
One alternative to using pass might be to use python-keyring to use your passphrase in your system credential store (gnome-keyring-daemon, or KWallet, or whatever):
$ keyring set login fedoraproject.org # one time to store
$ keyring get login fedoraproject.org | kinit jonny@xxxxxxxxxxxxxxxxx
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
