kerberos authentication setup for postgresql in REDHAT environment - linux

Our backend is running with PostgreSql in REDHAT environment.Here we need to implement a kerberos authentication.what will be the configuration changes required to perform this.
example: google. once we login to google.com we can access google+, google drive, google apps.. without again providing password.

I too need a similar setup. but my requirment is my client wants to connect through windows as front-end where RHEL is using as backend. so, i have a vague idea thats going to work out with Active Directory configuration. but guide me on how to setup kerberos using AD on RHEL.

Related

google cloud disabled publickey?

I was sshd_config change disabled publickey then I don't connecting server.
I have a user but user have not privillege.
Google cloud debian 9 server, bitnami wordpress deploy server
Please check documentation that describes how to connect to the instance using ssh.
You may also check troubleshooting SSH documentation.
You may also try to use gloucd compoute ssh. where you can even connect as a service account
If above does not work for you. Please update your question with more details like: precise error message that you get, user,

SSPI Provider: Server not found in Kerberos database SQL 2017 Linux

Ok, I have followed the steps from https://learn.microsoft.com/en-us/sql/linux/sql-server-linux-active-directory-authentication?view=sql-server-2017 to try and fix this issue as well as the SUSE/Redhat documentation for connecting to an AD server.
The servers are on the domain, I can log into the servers with my domain credentials but when I attempt to login to SQL as a domain user ( that is a Sysadmin on the SQL Server ) I get a the Login failed, the login is from an Untrusted domain and cannot be used with integrated authentication ( Error 18452) when attempting to use SSMS from a Windows box that works if I log in with a local account from it. When I log in as the domain user on the linux box I get the SSPI Provider: Server not found in Kerberos database and Cannot Generate SSPI context. Iif I use sqlcmd for a local user connecting to the FQDN of either server it connects fine. I haven't touched Linux from an Admin standpoint in over 15 years.
This is on both a SUSE 12 SP2 and a Redhat 7.5 server in our test environment. Not a big deal for me but our users are complaining because they now need a local account to log in for testing purposes instead of just using their domain accounts like the Windows side of things. Any help is greatly appreciated, most of what I am finding online just points me back to the Microsoft document and I have basically rebuilt the servers a couple times trying to add it to the domain before installing SQL and also after installing SQL to see if that made any difference, get the same error both ways.

Kerberos on Windows8

Can anyone help me to setup kerberos authentication on windows8?
1.I googled about kerberos setup in windows8, but it is hard to know,
2.Also tried with Ksetup command line tool, but there is no improvements,
Help me to setup kerberos in windows8.
Thanks in advance.
Kerberos in windows can be achieved by the windows server OS with active directory
In that server we need to create krb5.ini configuration file and users who are going to be access the service or host
Also we need to map separate principals to the appropriate user
Finally we can access those principals in any other windows system with the correct kerberos realm
Refer Configuring Windows Server 2000 Kerberos Service

Neo4j: Ubuntu hosted endpoint protection on Microsoft Azure

I am trying to host the neo4j server on an Azure Ubuntu VM and opened up the endpoint to enable access from my machine so that I can access the webadmin portal and also debug Asp.net portal code from my machine.
I am however unable to understand how to password protect the access to neo4j endpoint on that VM so that its not open for everyone on the net. looking for at least a simple protection like:
http://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data
Is there any guide on how to setup the neo4j on the Azure cloud that I can refer to.
I found authentication-extension but unable to understand if this is all i need when setting up connection via Neo4jClient
Regards
Kiran
If you use ubuntu you can set up nginx as reverse proxy: http://joewhite86.wordpress.com/2013/05/29/secure-neo4j-webadmin-using-http-auth-and-ssl/
Once I downloaded the right version of 'authentication-extension' and put it in the plugin folder, it was exactly what i wanted,
added few users and pointed the URI to database as below :
http(s)://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data.
and that's all I needed to protect my back end like old fashion SQL server ways.

Git connected to Active Directory

Objective:
Setup Git repository on Oracle Linux 6. Users connecting from Windows, Mac and Linux, using AD credentials. I would like to limit access base on AD groups. I have been searching for a way to set this up. I have seen several options that allow for fine grained access control of the repository but I haven't found anything that can use AD groups to manage access.
So the question is: Is this even possible? Can someone point me in the direction of documentation that would explain the process?
Update:
There now appear to be more options:
GitLab supports LDAP authentication
Gogs supports LDAP too
Update:
GitBlit, "an open-source, pure Java stack for managing, viewing, and serving Git repositories", supports LDAP authentication out of the box:
LDAP can be used to authenticate Users and optionally control Team memberships. When properly configured, Gitblit will delegate authentication to your LDAP server and will cache some user information in the usual users.conf file.
GitBlit also lists support for Windows authentication, but only when installed on Windows, and only tested against local accounts.
Previous answer:
If you move your Git server to Bonobo Git Server on Windows you can use Windows authentication:
Windows Authentication
This authentication is very useful when your git server sits inside the company network and your accounts and logging information could be managed via IIS. The advantage of this approach is that your users won’t have to create another account for logging to Bonobo Git Server. They will use the existing Windows account they use on the network.
Doing this from Linux is possible, but unlikely to be easy. You'll probably have to set PAM up to use either LDAP or Kerberos authentication and then do quite a lot of configuration. If you've got Windows licences I strongly recommend checking out Bonobo.

Resources