Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

R Shell and Kerberos Ticket

Tags:

r

kerberos

I have a hive connection via JDBC in RStudio without problems, I create Kerberos ticket in Tools < Shell: kinit and all working fine, I can use Kerberos TGT.

But if I make the same method via shell/ssh and loading R in terminal (Not RStudio), R can't use Kerberos TGT File and fails.

How can i use the Kerberos ticket?

> [user@server ~]$: kinit
>
> Password for user@domain:  --i put the password--
>
> [user@server ~]$: R 
>
> -- R load --
>
> \> source('samecode.r')
>
> Error Caused by: java.sql.SQLException: Could not create secure connection to jdbc:hive2:....etc

Any idea? This error happens in RStudio if we not create the ticket, but when it's created in tools>shell all work fine, in console its impossible. I try to create it with

 system('kinit');

And create the ticket fine, but can't use it in the rest of the code.

like image 480
Worvast Avatar asked Nov 16 '15 12:11

Worvast

People also ask

What is the command to get Kerberos ticket?

To create a ticket, use the kinit command. The kinit command prompts you for your password. For the full syntax of the kinit command, see the kinit(1) man page. This example shows a user, kdoe, creating a ticket on her own system.

What is Kinit and Klist?

The klist tool displays the entries in the local credentials cache and key table. After you modify the credentials cache with the kinit tool or modify the keytab with the ktab tool, the only way to verify the changes is to view the contents of the credentials cache or keytab using the klist tool.

What are the two ticket types used with Kerberos?

There are two main types of Kerberos tickets used in Active Directory: Ticket Granting Ticket (TGT) and service tickets. Service tickets are obtained from the Ticket Granting Service (TGS). The TGT is used to authenticate the identity of a particular entity in Active Directory, such as a user account.

What is a Forwardable Kerberos ticket?

Forwarding tickets allows you to “chain” your network transactions. You can, for example, remotely log in to one machine and then remotely log in from it to another machine. The -f option allows you to forward a ticket, while the -F option allows you to reforward a forwarded ticket.

1 Answers

Hi you can create a kerberos ticket within R with a keytab file and this command :

system("kinit [email protected] -k -t username.keytab")

To create the keytab you have to do this via shell :

ktutil
ktutil:  addent -password -p [email protected] -k 1 -e rc4-hmac
Password for [email protected]: [enter your password]
ktutil:  addent -password -p [email protected] -k 1 -e aes256-cts
Password for [email protected]: [enter your password]
ktutil:  wkt username.keytab
ktutil:  quit

All the steps for creating a keytab are explained here

And the keytab file must be in your working directory.

like image 93
Victorp Avatar answered Sep 21 '22 17:09

Victorp
Sign in to Comment

Related questions

in R: Error in is.data.frame(data) : object '' not found, C5.0 plot
Function that extracts each unique character in a string
ggplot2: Plotting regression lines with different intercepts but with same slope
Odd behavior when joining with multiple conditions
Rcpp Create DataFrame with Variable Number of Columns
R convert list of lists to dataframe
How to create a decision boundary graph for kNN models in the Caret package?
Filling list with empty vectors causes its length to change
R shiny: color fileInput button and progress bar
Group Data in R for consecutive rows
Update matrix using matrix of indices in R
Efficient Collapse Dummy Variables
what does mean the command if(0) in r?
ggplot scale_x_continuous with symbol: make bold
Construct variable names in select_
Regex extraction data before vs after comma in R
How to use group_by() and do() in dplyr to apply a function for each factor level
Replace values in named vector with values from another named vector in R
File renaming using R
Count number of observations per day, month and year in R

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!