You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-user@hadoop.apache.org by Benoy Antony <ba...@gmail.com> on 2016/02/10 22:02:24 UTC
Keytab Renewal and Distribution Service
Hi All,
We have an environment where developers could create VMs/Docker Containers
and run periodic jobs . Since our clusters need Kerberos Authentication,
the each client need a unique principal and Keytabs. The number of
clients could be in thousands.
Due to security policy , we have to change passwords of these accounts
periodically or on demand and update the keytabs. We are looking for a
service which can renew passwords and provide new keytabs to the clients.
Are there any open source tools which can renew keytabs and provide them to
authorized clients ?
If none exists, I am planning to develop one. If anyone is interested in
co-developing it in github, please let me know. If you prefer, you can
unicast to benoy@apache.org .
thanks and regards,
Benoy Antony