cURL / Mailing Lists / curl-users / Single Mail

curl-users

Forcing curl to use gssapi

From: Michael B. Klein <mbklein_at_gmail.com>
Date: Fri, 2 Mar 2012 15:13:02 -0800

Hi all,

I've compiled curl with both libssl2 and gssapi support, but I can't seem
to get curl to attempt gssapi authentication.

Here's my (verbose) output:

dn0a20734e:lyber-core mbklein$ curl-ssh --verbose sftp://myuser@myserver
/var/opt/home/myuser/testfile.txt
* About to connect() to myserver port 22 (#0)
* Trying [ip address]...
* connected
* Connected to myserver ([ip address]) port 22 (#0)
* SSH MD5 fingerprint: [redacted]
* SSH host check: 0, key: [redacted]
* SSH authentication methods available: publickey,gssapi-with-mic,password
* Using ssh public key file /Users/mbklein/.ssh/id_dsa.pub
* Using ssh private key file /Users/mbklein/.ssh/id_dsa
* SSH public key authentication failed: Username/PublicKey combination
invalid
* Authentication failure
* Closing connection #0
curl: (67) Authentication failure

And here's my build info:

curl 7.24.0 (x86_64-apple-darwin11.3.0) libcurl/7.24.0 OpenSSL/0.9.8r
zlib/1.2.5 libidn/1.22 libssh2/1.3.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3
pop3s rtsp scp sftp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz

It doesn't seem to be attempting gssapi-with-mic (or password) negotiation
after publickey auth fails. I've tried using "--krb private" and
"--negotiate" and various values to "-u" but I get the same output every
time.

Am I doing something wrong, or is SFTP+GSSAPI/Kerberos simply not a
supported protocol/auth combination?

Thanks,
Michael

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-03-03